diff options
author | V3n3RiX <venerix@koprulu.sector> | 2022-11-10 21:28:32 +0000 |
---|---|---|
committer | V3n3RiX <venerix@koprulu.sector> | 2022-11-10 21:28:32 +0000 |
commit | c020d9e9432cd0e36fe47ad14216d6048adb49fc (patch) | |
tree | 7c3c3aed7d27733e3ad6d8f8f017244169c20772 /metadata/glsa | |
parent | 0d0e3e0adedd9f237ceea9e95cbd0ed29a4576d4 (diff) |
gentoo auto-resync : 10:11:2022 - 21:28:32
Diffstat (limited to 'metadata/glsa')
-rw-r--r-- | metadata/glsa/Manifest | 30 | ||||
-rw-r--r-- | metadata/glsa/Manifest.files.gz | bin | 536084 -> 536244 bytes | |||
-rw-r--r-- | metadata/glsa/glsa-202211-02.xml | 42 | ||||
-rw-r--r-- | metadata/glsa/timestamp.chk | 2 | ||||
-rw-r--r-- | metadata/glsa/timestamp.commit | 2 |
5 files changed, 59 insertions, 17 deletions
diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest index ccc7624b2487..e8d48dd81e77 100644 --- a/metadata/glsa/Manifest +++ b/metadata/glsa/Manifest @@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 536084 BLAKE2B c89e49fb5e75661a7da4bc1a8267e8936701fe518e99a96ea46c267fe11ac6fcc34a3029874ea964f0a67189423224c5aba6dc5cc7a56cf0d5889ea2d47d781f SHA512 75913d485440890ef20577369af3828f92411599dd916f9c5792517c2a36a196afc4bb5153abea2e3a2bc4b763ff2159dd5b7d79a6de88fdec6368ba79776c6f -TIMESTAMP 2022-11-10T14:39:41Z +MANIFEST Manifest.files.gz 536244 BLAKE2B 47908e9e54099299278f14e5112b789aac78178d7406b6880e3986163e8e2aeec411757dbe131202da7291c508ea72a7d158f7fe08facf6e36a23a28a992a7d8 SHA512 ef16d73b0d889ec01efae4d55e398ba1b384a7b46066c129d82b336f46e8804d0dd1765c65c49d93842dc829696efc67759ac790655f316a70359fb8847d9e4e +TIMESTAMP 2022-11-10T20:39:41Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmNtDS1fFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmNtYY1fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klAdaBAAoaQX9MyESReWt0mMfVcKwUs8+0jb2OO2U41338h7TDUbIQ5MSUFYJUuR -IQmK8Sn3rbL6cmaEuQfitWqyDH0jx8OX7oRZLUzLgWeb4zdCCSnY8us74DO0F7yW -0wzXBVtSkdEg4jRWWP/96Ux5e5sgK+o0yaWaj2rCJu1FkC4gMECg/LIIvJX+QT9X -ov8q7kS1HFbD5gJNtEFSFTY/ayLJditkuK6h6CxSdjFXq9wgo0q5eO7/AUXrLLsw -eg4Y1Hw+VEIXHvy8zFFGov+6Jv1R36Ti6BD+Qx97f944nQDRTu3axlyWUjpl4wj6 -ljdTl9zVRBVh0/hWjCc0kxNEcPVcBzCwhUJzNi04sFt7eo5FpwlX5te0/xlAZM3I -2zSmw/7o0E2lMGI5fnMvPUTCCcIvwjbymGiKZqlHnx96XbBlpwA/ndK9OjYpU/57 -dgGqj7tshjNhksTFdxK/oi1YetRjd9t9Hw2ysh8EP/zim59jhtfKYxIIBeV8CTLI -0HJa81pavl5D78LiXP5vogHr2CxCwWlmM49Z9xxxHkJKbPOiFO57wtop4dmjnEH7 -KneB/d3nDnLgEqfC+Tk58WO8xNG71zQrfUEEyu1LmeUPA+wExZkc0gVKIou01xqw -Glx9IbT53loOu6Qi8vHIfDa0Les6CBtc37xTDnWoDIFiu85D+Bs= -=wxo+ +klDeMBAAmyWADY+pjEhMDjms5vR3loNY526fja5W8AsDmh6DMDPXtZP8FXI5iTRy +uVmI+ZDsd0SaU90AiC1IGPq29VjDcz+p4fZgkmUSL07q8gg5EM4b0nfCCv9SpyK5 +fxYIzqKu8FcdQFe/LIHfVBHWzAOcdo2TRQAKAZOCMY/bqiBWKDHNdMqVit3xKZL9 +d3Kv5IL88cbOL6BdtUqA7o3XBRCocLu4dWklMPzoMFIAvS52M9ZPtVPgKfUKg2Ky +vvdD/Y6yYl8wOPSxfeW21111Bqvx6b3s8RlWGC8zegX3zPFsydYjBWpcEEeSnoPJ +Qm8E/jQeWO4UxfSJypWGqlUWsqNyau3RbMQADWCiVkxg0kcG2xJogP7BQAircwdL +HzxmRTp4Hb+eF2HqNrSql7GaLbNVfAnvXdw2/VRcKtfp4rRDuGXNS5HyxggDsqTT +Qp4pW3ZTKte4Tj78K6IBbehSlFMg1ms/F6erq6hthENYLKHVXjjH4jq8L7y7Utt/ +dwq1dK8mSuM2tNzlCqXx+vstfAJT2I2TNhj1Lu1zHtMu9l6htCiEDu4D1xCg1N4o +MZPKvShleyc5lRPMD6lpwZGl7COcst7bHxsJadLROfe71a8EgPev2L6U2pMsYyUv +nd3FDzJOx+FvjF1U4Sr7MQghAzQ71X5wLHcwYY7rnyp721c9DoY= +=55z0 -----END PGP SIGNATURE----- diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz Binary files differindex a99bb4c6d887..1a4f9ff8d224 100644 --- a/metadata/glsa/Manifest.files.gz +++ b/metadata/glsa/Manifest.files.gz diff --git a/metadata/glsa/glsa-202211-02.xml b/metadata/glsa/glsa-202211-02.xml new file mode 100644 index 000000000000..982dbfe367b2 --- /dev/null +++ b/metadata/glsa/glsa-202211-02.xml @@ -0,0 +1,42 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202211-02"> + <title>lesspipe: Arbitrary Code Exeecution</title> + <synopsis>A vulnerability has been found in lesspipe which could result in arbitrary code execution.</synopsis> + <product type="ebuild">lesspipe</product> + <announced>2022-11-10</announced> + <revised count="1">2022-11-10</revised> + <bug>865631</bug> + <access>remote</access> + <affected> + <package name="app-text/lesspipe" auto="yes" arch="*"> + <unaffected range="ge">2.06</unaffected> + <vulnerable range="lt">2.06</vulnerable> + </package> + </affected> + <background> + <p>lesspipe is a preprocessor for less.</p> + </background> + <description> + <p>lesspipe has support for parsing Perl storable ("PST") files,</p> + </description> + <impact type="normal"> + <p>A crafted Perl storable file which is passed into lesspipe could result in arbitrary code execution.</p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All lesspipe users should update to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=app-text/lesspipe-2.06" + </code> + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-44542">CVE-2022-44542</uri> + </references> + <metadata tag="requester" timestamp="2022-11-10T16:33:11.165769Z">ajak</metadata> + <metadata tag="submitter" timestamp="2022-11-10T16:33:11.170829Z">ajak</metadata> +</glsa>
\ No newline at end of file diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk index cf84bc4548e0..29dcd93db7e2 100644 --- a/metadata/glsa/timestamp.chk +++ b/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Thu, 10 Nov 2022 14:39:38 +0000 +Thu, 10 Nov 2022 20:39:38 +0000 diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit index 75b2cb040a5f..856b1311a2d5 100644 --- a/metadata/glsa/timestamp.commit +++ b/metadata/glsa/timestamp.commit @@ -1 +1 @@ -273d516e3c9a0078775979649ecc570e7186f050 1667339933 2022-11-01T21:58:53+00:00 +d2caa7d73160aa5b9c9cda07665068a8b25fa730 1668098162 2022-11-10T16:36:02+00:00 |