gentoo auto-resync : 04:10:2023 - 11:51:15

5 files changed, 64 insertions, 17 deletions

diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest
index eb7504c82dcd..db6e875dfbda 100644
--- a/metadata/glsa/Manifest
+++ b/metadata/glsa/Manifest
@@ -1,23 +1,23 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA512
 
-MANIFEST Manifest.files.gz 549303 BLAKE2B 2f2faac40bd20bac0e3cd39614dbd08d21b1f7881f63ae9d0818f2b4da5ca34a7c78df0e5ab0852b794fa786d802b5040998315d8f36069518e90e082b9c244e SHA512 91b5bd6983fe455c6ec55dabb8763f63460603682e7feb1913324d4cfcd985ee99dd07b8f9b0bb6aa35b8a2fa6e1342235f954581928615b1a56995d87f7cc45
-TIMESTAMP 2023-10-04T04:10:06Z
+MANIFEST Manifest.files.gz 549460 BLAKE2B a1f9ee4b119079d55103a4ccc3197b5638e1f0913b6b08dbff50e6a9ae785bd677e97041b367e5c90d4e715da5a2e9d245d4614a65f57c6fffbe3055d41af720 SHA512 af57c6ff084a9b4d66c2d7d6cdcf381f6edfb5a8b5e7b97a153bb0d0556002c8d13b0c6530999163f8396d382c2b2f781f28b63456546ee7c16c7c3f82742c24
+TIMESTAMP 2023-10-04T10:10:13Z
 -----BEGIN PGP SIGNATURE-----
 
-iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmUc5Z5fFIAAAAAALgAo
+iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmUdOgVfFIAAAAAALgAo
 aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
 RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
-klD54A/+Oxqb9Xi6wOKwWCZoovP7Aw8BZLJU0SVUGEgYUXdjBBXmfIue0M0wyaxH
-JJ0ANouGINiH71Yf28Sz3xqr6V8xTyw7nRZjJ3wONBsIciefw1DD1xTGhV26Bnse
-tFyzHu3mCjnetjga0ofMLxNwEZQUKPHPQtvrC+/A6aYRz3hEKblOwSxWtp6ryNo9
-/AJzljoJocjIlHWiNPsAc7z7g6Lr3yjWz0rpyD1GG6Z1MikJN1/9sgzbzWXim2NA
-VtuyBVdgRTHYQOLs/gCVQbaCgPdIDz6psJz64p3Ktg3VYR/Lx913Ez5c5X2naNS7
-UUnc/7WASA3UP2onDTTF62AosjJbqe7QdKQLSENkz1NX8zEfxDGoCtV/ugV0rGO6
-FnXt/Ya1fJdFPWtYNeMWl1EsmExIKf9Gliwm47cb7kvLFsuWIW5wZMM1rTxgAhLI
-23bFP1az4cRdl7R2aeSorm7Id6po8PRWPtiKktiigC65F/Xf93gUQYyzm0R1s9xe
-EY4xJvdByAqlYqfldkWmcITaXonScNzk17eBqfqReJhpAqIvlPMIcYs3KmxI1C7R
-7+j6ZlW8gcrX3+EfW3WvBcLSFqCQaZL5/8oxHOWmXZrBQRUb6NVMI5yTTYGcgXsv
-9Q9tDY+YcsKWJdBcKIXRC9Ll0VW4LNYxXfkMkoMW7VFRIhpa0cA=
-=ZZyv
+klDmlg/9HBr9rlvuXXu6wZkguZCHd+LrEdxj2g0beJ9QakQ9OnSpm5kiYlWKQEsp
+vRjHJO/iAg1E3zC4JfLUAje1AaYwDUggAYuc+lLCozQfJzq0kyChYQm9mWd5LyA/
+ym3+SzzulpOhE4aQgCZEUN0sOylkHmiMlcwx4mh7Dpc0knIFb/7GDTmZYoJy6WwI
++hedW0Jj+9LVV7OgZ6yNWCjRfhVV3NnrA2wRAmVWFNgs3PTezenZ/myP1vo6+8Yz
+kq2yP0ybQX7mQD6b9xf3o9NSk6wYmz/6DXCAgCTMVLhblEhJ7o3+7H0H2W59nF5E
+HaybFdmrObOzM7nivDIHpKE3zjwypkkmCcMcBRv9wuddph+38VSNmIaAhG1T2NQ4
+Lhb2se13umiwSOIfEulS3lMJVvTtSTZl8h7sUUJrY23hxMDfCqd9WjcvuosWCYNV
+E3rsNlwE/UIH1zToXJ6uKfT27u9rsYue6h5awjkl7f+0+taWGjQerCYj7TFkoy5Z
+XrwpwWPycLlwV75qcHLS9l6xkpLMaeZQ1qeDadAm+D7RqNqfMsTzbDJSyunkPuRD
+/94492Y1OE3cZRN4aCAyEBiF/fT2zDuczMhOuWDpAAu6Cs++/6J6idfpomEEWB1z
+nHKJg77r5ySgWhDFY9xjpyWTwtob7bY189ndGQChAxlZNI54P3s=
+=TDQs
 -----END PGP SIGNATURE-----
diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz
index c95f1f7b00e2..b03f0fde4bfb 100644
--- a/metadata/glsa/Manifest.files.gz
+++ b/metadata/glsa/Manifest.files.gz
diff --git a/metadata/glsa/glsa-202310-03.xml b/metadata/glsa/glsa-202310-03.xml
new file mode 100644
index 000000000000..cb112fcafeef
--- /dev/null
+++ b/metadata/glsa/glsa-202310-03.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202310-03">
+    <title>glibc: Multiple vulnerabilities</title>
+    <synopsis>Multiple vulnerabilities in glibc could result in Local Privilege Escalation.</synopsis>
+    <product type="ebuild">glibc</product>
+    <announced>2023-10-04</announced>
+    <revised count="1">2023-10-04</revised>
+    <bug>867952</bug>
+    <bug>914281</bug>
+    <bug>915127</bug>
+    <access>local and remote</access>
+    <affected>
+        <package name="sys-libs/glibc" auto="yes" arch="*">
+            <unaffected range="ge">2.37-r7</unaffected>
+            <vulnerable range="lt">2.37-r7</vulnerable>
+        </package>
+    </affected>
+    <background>
+        <p>glibc is a package that contains the GNU C library.</p>
+    </background>
+    <description>
+        <p>Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details.</p>
+    </description>
+    <impact type="high">
+        <p>An attacker could elevate privileges from a local user to root.</p>
+    </impact>
+    <workaround>
+        <p>There is no known workaround at this time.</p>
+    </workaround>
+    <resolution>
+        <p>All glibc users should upgrade to the latest version:</p>
+        
+        <code>
+          # emerge --sync
+          # emerge --ask --oneshot --verbose ">=sys-libs/glibc-2.37-r7"
+        </code>
+    </resolution>
+    <references>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-39046">CVE-2022-39046</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-4527">CVE-2023-4527</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-4806">CVE-2023-4806</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-4911">CVE-2023-4911</uri>
+    </references>
+    <metadata tag="requester" timestamp="2023-10-04T08:02:08.857868Z">sam</metadata>
+    <metadata tag="submitter" timestamp="2023-10-04T08:02:08.860070Z">sam</metadata>
+</glsa>
\ No newline at end of file
diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk
index fd4b4a5fed38..b92e786ad91c 100644
--- a/metadata/glsa/timestamp.chk
+++ b/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Wed, 04 Oct 2023 04:10:03 +0000
+Wed, 04 Oct 2023 10:10:09 +0000
diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit
index 3713d3adab6a..276c5a56bfe3 100644
--- a/metadata/glsa/timestamp.commit
+++ b/metadata/glsa/timestamp.commit
@@ -1 +1 @@
-e0200868c5e75eb57e7355dc8786db0f79271aa3 1696337223 2023-10-03T12:47:03+00:00
+029e12731f29676d3f6ebed09f7747ee6e15c5e8 1696406561 2023-10-04T08:02:41+00:00