summaryrefslogtreecommitdiff
path: root/metadata/glsa
diff options
context:
space:
mode:
authorV3n3RiX <venerix@koprulu.sector>2023-10-01 11:42:50 +0100
committerV3n3RiX <venerix@koprulu.sector>2023-10-01 11:42:50 +0100
commitb447ac3a6d1bb09ddb6a5686620670e223b37642 (patch)
tree4d6d1ca6d418b0dc7c50e0e94cef5038f5fb2483 /metadata/glsa
parent9a92076d428b51966bd8d699427341e5500b3a8a (diff)
gentoo auto-resync : 01:10:2023 - 11:42:49
Diffstat (limited to 'metadata/glsa')
-rw-r--r--metadata/glsa/Manifest30
-rw-r--r--metadata/glsa/Manifest.files.gzbin548981 -> 549143 bytes
-rw-r--r--metadata/glsa/glsa-202310-01.xml52
-rw-r--r--metadata/glsa/timestamp.chk2
-rw-r--r--metadata/glsa/timestamp.commit2
5 files changed, 69 insertions, 17 deletions
diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest
index 4afe45d855db..0725ad594a64 100644
--- a/metadata/glsa/Manifest
+++ b/metadata/glsa/Manifest
@@ -1,23 +1,23 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
-MANIFEST Manifest.files.gz 548981 BLAKE2B 81700173ea02c0d006e3065367bd4b6801ae8e0cad7f0b23c4d86a41c1b860a4cbdeb3051fb86eb2d3f114b8ba0353d6e09e279718eed8ed2607a21c4e7ec67d SHA512 a987e0e64b2dbf1006cecbff251dc3524b4d244d2e54417a697139ac9ee5a97d21aefdfb0fb940e1890076d7fa18c793f4f7a60db6960004ade2253826320f19
-TIMESTAMP 2023-10-01T04:10:10Z
+MANIFEST Manifest.files.gz 549143 BLAKE2B a22ba02cc8dd6e99745b4bf9665fd31ede4c7a9f7858402dcc10733f4379b39eb2b46414a0215d19a3e92fdf2a4a8edcafa50a7e2fab8928fb28fdb2a2ddc6c5 SHA512 dff106915559af2a3b9a9598542111eaa6559551fc8e315ee13b80b72381c1c8cede91a442e7800e758e8a4cbeabb47c418622deda467829666a2b973c53d917
+TIMESTAMP 2023-10-01T10:10:08Z
-----BEGIN PGP SIGNATURE-----
-iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmUY8SJfFIAAAAAALgAo
+iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmUZRYBfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
-klB4TBAAmdvznLfPM7tHzvoZ64+m2mgfuaCj7nyve0NnX421WYiAeh8YrYOIN3Yb
-u5RAzG7/7c5oZf3slTTgjEW5sjkVpry4GiY2b4jC1PFyQkL8eiPexgA2YgfPBkAP
-feHXGuipKRR4q4Y+pnrPc1FWZjIPbyzR+lwGf8mBqoKjbFua+Zte6izdKiiftWEA
-aZwPKdZFB9yfoYHdvqWht7mCpBUISZPE+AGEkxGX656WmE1mUabY6GT+ZVFb+zkL
-uhzwE8SRRmqc6Pfy6e0Xrhvgppjk9eJZa1DEgqLG/DCPM6swTJXer24kLdx5vJwE
-ABQNAvk4FAG8rP6a2bkPnWcoZ0gW440yZkbGw2RGaLEUXDXQcPI71SAjNz7SMYst
-wVFG0dRx+iXViw5VqigaAC84YGXHWgxC/CpBE63OoS0pfxHDGI4oEP4aCBQNMuBk
-2ixEjuPy0Fu1ImzDYjrh7vybV484aHRzFpOqCEhonCe9QPtVOhPgb3kPMtAvdjx1
-Gh1fJcdeV4AfGEuV7hdeTNOHUslkyDLgRgyWe3IlmtXzgQwyQM+FgJopylqSIVGK
-lvjZdFOEQfCobQMao74ENvm7bqppPf48R7yV6XBB+KxwD8LTvoxpS4XTXoC2Uple
-6YYNnhQU+7CIK03hFNnDUC5Y4MLfBa6cEf4c40KNOMmA4wFv14Q=
-=iE0U
+klDtdw/+KbtMaR1aPUZ9Cy7jdP2ryRZGPEYzRcnx3J05RuGjPI2Qd0Ny4hbkVqT6
+1N48GKaHd2PgiexIeZAGo3iY0aeH/uOUU4fI+1fBLxPwumqI5lK0i3la1GcC8vh0
+kMXPCc64juTx2hLmRPVjNyLcxwqqVg2ZR2Le/A8faXTXJbqHZFMcyw+JLdQZ+X6e
+0140uW7NluipHyOfZBOAMHZfKHWIg5r7wSKklw3STv/3RfBrm8vIDk6HKEaEU6W/
+vFyAtk3Sj1aO/dQwQnz2s2+lOFCS6txni1baZOgM00KEYTB0w6xYE9q6pbiGMVvC
+y4wmxUdm73d9th9cus8f1+NqfT+NBqus21h3y1ypedpkz7rtpHCaE8KdTzP638/4
+0tw/4hiPNnIS8YCoXO9jHh4tY6biBczXU8cW/MEUKBs0wzK57RzqwxRe5UnDwDqu
+YlNlq5zqgaBTz/L11BXrn0tmS42NYG9eTvWY0qp6iJER0upModa6Q6dkDP7gsF2p
+uVwmTh8HO2hVObwfOGp6iZAwvBaR6eghwLxA94/kilFU6Yeq/PD0O3r7px1EVlmx
+IDsJcqVJTLZ3MVcHWrudX8Jr079kx7VCiA0TdjHeNLWbDJjc2dt4Hq9Pq5jdF5Wx
+rJEa7NgbFa5vGgCTz3qEKAiUdHliTFImPsMqHLutvHy2EvZWdKI=
+=+nTn
-----END PGP SIGNATURE-----
diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz
index 0926db590859..2e8a131935d3 100644
--- a/metadata/glsa/Manifest.files.gz
+++ b/metadata/glsa/Manifest.files.gz
Binary files differ
diff --git a/metadata/glsa/glsa-202310-01.xml b/metadata/glsa/glsa-202310-01.xml
new file mode 100644
index 000000000000..fd23ee422c15
--- /dev/null
+++ b/metadata/glsa/glsa-202310-01.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202310-01">
+ <title>ClamAV: Multiple Vulnerabilities</title>
+ <synopsis>Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.</synopsis>
+ <product type="ebuild">clamav</product>
+ <announced>2023-10-01</announced>
+ <revised count="1">2023-10-01</revised>
+ <bug>831083</bug>
+ <bug>842813</bug>
+ <bug>894672</bug>
+ <access>remote</access>
+ <affected>
+ <package name="app-antivirus/clamav" auto="yes" arch="*">
+ <unaffected range="ge">0.103.7</unaffected>
+ <vulnerable range="lt">0.103.7</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>ClamAV is a GPL virus scanner.</p>
+ </background>
+ <description>
+ <p>Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details.</p>
+ </description>
+ <impact type="normal">
+ <p>Please review the referenced CVE identifiers for details.</p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All ClamAV users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.103.7"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-20698">CVE-2022-20698</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-20770">CVE-2022-20770</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-20771">CVE-2022-20771</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-20785">CVE-2022-20785</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-20792">CVE-2022-20792</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-20796">CVE-2022-20796</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-20803">CVE-2022-20803</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-20032">CVE-2023-20032</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-20052">CVE-2023-20052</uri>
+ </references>
+ <metadata tag="requester" timestamp="2023-10-01T08:37:37.977976Z">ajak</metadata>
+ <metadata tag="submitter" timestamp="2023-10-01T08:37:37.980167Z">graaff</metadata>
+</glsa> \ No newline at end of file
diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk
index 450a0c13d84f..272847ca0a95 100644
--- a/metadata/glsa/timestamp.chk
+++ b/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Sun, 01 Oct 2023 04:10:08 +0000
+Sun, 01 Oct 2023 10:10:05 +0000
diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit
index cfb882390115..e45c04ca216e 100644
--- a/metadata/glsa/timestamp.commit
+++ b/metadata/glsa/timestamp.commit
@@ -1 +1 @@
-de793de405f9e13d0d29d94de3f236ce0b5b3338 1696064247 2023-09-30T08:57:27+00:00
+de933a38b263b239206a394919eff4c8f72f835c 1696149575 2023-10-01T08:39:35+00:00
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-05 09:59:46 +0000