gentoo auto-resync : 31:10:2023 - 09:47:15

5 files changed, 64 insertions, 17 deletions

diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest
index e79512429fcd..fd43c2bc07d4 100644
--- a/metadata/glsa/Manifest
+++ b/metadata/glsa/Manifest
@@ -1,23 +1,23 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA512
 
-MANIFEST Manifest.files.gz 552160 BLAKE2B c4a5477dbfb55c3bbe641438b3e9adf48fa50c0d3441ac98776b2554a171a4e603b690216aa384b9c720945f640c9a42d5bdc15ee8cebb6472ed148f81a03524 SHA512 92d0fedf6186bf9ffacb9ed55ab2129e7804756cf5b4d56d9a6de290ec38c4f69a9495d06d0f581ffecce1fad1e401d08bb1de2e4df369a23c39ca978499e608
-TIMESTAMP 2023-10-31T03:10:09Z
+MANIFEST Manifest.files.gz 552319 BLAKE2B 1034d391c2693d13bfa95dfdbcefc204dc3ca1ffa49d6aacfcdcab441ee60fef27eef107774f8880993e95aa4111f94343a775548ac3105ef443397b62ba6121 SHA512 d36fdc3ac1978f9b20de459a0cc40364d9e4ff8f6711a93b6a929151ce403eb2576dae9df2d5306e0e35d0baacf2083fdee5905974cfe2f3c4fefe745eef3d03
+TIMESTAMP 2023-10-31T09:10:02Z
 -----BEGIN PGP SIGNATURE-----
 
-iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmVAcBFfFIAAAAAALgAo
+iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmVAxGpfFIAAAAAALgAo
 aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
 RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
-klB7hg/+JsRtEuiZJWwL/TZajE01vx3abcjfl2StIr0wfOxCCH7FCGI/1hSKOyXo
-CrWnTaUJfWV4tr565U8BITfhf9Rr9M1gNb2p/mXF9DZ6RShYj6z2Ip3S5DSL/E95
-X0LMb6y7rptxscUwhEx7QgQI86EE4G2O4yxHtnx2EYrybeWMeMeZV64IYZ6MhWoR
-VsykJZOz0Q3wusF4GhYVYhXA8gnpJPPskhAxLd1Cf3pQwxKeGV8ja14jOoICLuCo
-vd0o50YnWRcw09Wp64Ta4pLOAuLgnPYPN7URZrdFjxjBCmiTATdMsJMpIYusSY0B
-24zocJGdv7luF9patir9Y7duRPtrQbsivowatP3AU6+Wq9lh1K7iITlW+ZQociIR
-WZvQyXR+g7/doOpPlfX1wMFV6skz6qe1NGHb0DpBkjy9yavlx2Kmf1yVR+pNsymy
-FeYEBXSU+b7SJK2dHzrOPCbA2bDnIblefuVQoVzb8YAky7g8aFuHw5ahkqK5BLbT
-KcKowBHpst4akK19OdplXXfVqAJSF9jqp1PQXzVFrUm8hV8/Fh7+cG/Rwa8K+GPf
-r6X1/ig3bci8Xuzf83VCYHtgs+Kgp9qlrlCTAIp+AxM0up3pmhoSEbhhiEepoohk
-gsShTl9XrhcEIt1dBLF0Yzxr4joapAGv1FyfOFZQLKC2KdfNxbw=
-=qnDN
+klCjthAAj+sv6v5kv7XXvbqdz+rR94Ey+f5N0yd02qy0yMrwV+5UyU1X1DiYn2pi
+43g0UtxaJapRdpwEvrt4GB2vFq1ntPRCVLf8Kn+Bc2pZy+Q3gDsWF+bdqpYkcZgA
+TpWoIP6d0CuioJazoO1JNXLkEjqix0+PVvD1IL8wpPNmCqesOeV9bMzzVGVipGSM
+lN2cTifG2Zl7qe3RuN9vDqQjKD73JM4cc8vya9YNeaodXCbN5DTE95vQ5Ka9+Rmv
+DHQUA1c6YzDmSIu0cZiUUzRvp/bnaizyoNZ2bq8JPolcRTdLUzDmxDNxWA3bfcni
+qUYeJ9po0unNjv6hCW/m0cerNQx0v8l/V6BR2zkMETkmTx/tFVZtcKuLR/22p3i6
+Mo8qBCZkyS7nG0y767paf/lLBE4VjaVgPT85K32wu5M4CJi/2zO2erIkWLS6lKQU
+2yqnoDFLlnKzR7dTk/wOKlTwLCWNyHvl6qXX3g1F1qnneE+1G7jzmvvwhP8e7Wg4
+ZDhH5OFA56k52qlKHAPxuVPqMWysnNgUKBXZYZSfwo9a0oaWAWHUHyA1hdU7BNSe
+bkkZr3beVA1l/5S6dK/E2LzGiKW5krFZvQjj1QUfE5w1QbjRWpoNYxWBm2jZ3EIT
+oCuONzEYFIeTZ9jg7x/R86WI52Dnf2CBQYifmnIna1bZS04WNxg=
+=68h8
 -----END PGP SIGNATURE-----
diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz
index 184a203d91d6..949a26c5d1b7 100644
--- a/metadata/glsa/Manifest.files.gz
+++ b/metadata/glsa/Manifest.files.gz
diff --git a/metadata/glsa/glsa-202310-21.xml b/metadata/glsa/glsa-202310-21.xml
new file mode 100644
index 000000000000..d701fa31078b
--- /dev/null
+++ b/metadata/glsa/glsa-202310-21.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202310-21">
+    <title>ConnMan: Multiple Vulnerabilities</title>
+    <synopsis>Multiple vulnerabilities have been discovered in ConnMan, the worst of which can lead to remote code execution.</synopsis>
+    <product type="ebuild">connman</product>
+    <announced>2023-10-31</announced>
+    <revised count="1">2023-10-31</revised>
+    <bug>832028</bug>
+    <bug>863425</bug>
+    <access>remote</access>
+    <affected>
+        <package name="net-misc/connman" auto="yes" arch="*">
+            <unaffected range="ge">1.42_pre20220801</unaffected>
+            <vulnerable range="lt">1.42_pre20220801</vulnerable>
+        </package>
+    </affected>
+    <background>
+        <p>ConnMan provides a daemon for managing Internet connections.</p>
+    </background>
+    <description>
+        <p>Multiple vulnerabilities have been discovered in ConnMan. Please review the CVE identifiers referenced below for details.</p>
+    </description>
+    <impact type="high">
+        <p>Please review the referenced CVE identifiers for details.</p>
+    </impact>
+    <workaround>
+        <p>There is no known workaround at this time.</p>
+    </workaround>
+    <resolution>
+        <p>All ConnMan users should upgrade to the latest version:</p>
+        
+        <code>
+          # emerge --sync
+          # emerge --ask --oneshot --verbose ">=net-misc/connman-1.42_pre20220801"
+        </code>
+    </resolution>
+    <references>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-23096">CVE-2022-23096</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-23097">CVE-2022-23097</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-23098">CVE-2022-23098</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-32292">CVE-2022-32292</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-32293">CVE-2022-32293</uri>
+    </references>
+    <metadata tag="requester" timestamp="2023-10-31T06:25:15.876393Z">graaff</metadata>
+    <metadata tag="submitter" timestamp="2023-10-31T06:25:15.879529Z">graaff</metadata>
+</glsa>
\ No newline at end of file
diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk
index 0d1bee7ef4e3..e4b66c4e93f3 100644
--- a/metadata/glsa/timestamp.chk
+++ b/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Tue, 31 Oct 2023 03:10:03 +0000
+Tue, 31 Oct 2023 09:09:58 +0000
diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit
index 74d6c3070aed..a9b608f2dce0 100644
--- a/metadata/glsa/timestamp.commit
+++ b/metadata/glsa/timestamp.commit
@@ -1 +1 @@
-d12a82540d0c09c7cbfd5cec49458e7628226b4b 1698661209 2023-10-30T10:20:09+00:00
+31f2c2345585dd05f950ce51bc6b7227485938e0 1698733547 2023-10-31T06:25:47+00:00