gentoo auto-resync : 08:09:2023 - 22:31:44

5 files changed, 64 insertions, 17 deletions

diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest
index e3bd5043c074..ec4b8c954307 100644
--- a/metadata/glsa/Manifest
+++ b/metadata/glsa/Manifest
@@ -1,23 +1,23 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA512
 
-MANIFEST Manifest.files.gz 546284 BLAKE2B ffce95d14dec8e0ecb1658575f411350a797650e5376e656bbe5d1c11b4e05372611ac4ca5de41270e2e69dfa9461b99f212aa044d6509bb082c7f94d92006b8 SHA512 c90fc6416d62b1b09cbafd89df9a8523e7e9eec12dd28fd39f81776bc9076c1e64fdb0203c709c330d323ea0c05daf6d59e5c469948b4d49cc6d59443f29557a
-TIMESTAMP 2023-09-08T15:09:51Z
+MANIFEST Manifest.files.gz 546444 BLAKE2B 427e6ba70311c66f33f8718c9e5205812a06f7180945f95cd2cc13a642ebd00b8ab6bde2ebd1ac16f0013a5d2c65c3729739daaa24b9e4c70888d6626437692d SHA512 666ed25ec3b20188903cb612d27562ec06741fff2c9cc4ee150980ae0801d6b66d3d117a8d3df13d953f8c0975e6b4fd3d287a501bb281b5093186361d8515d8
+TIMESTAMP 2023-09-08T21:09:46Z
 -----BEGIN PGP SIGNATURE-----
 
-iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmT7OT9fFIAAAAAALgAo
+iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmT7jZpfFIAAAAAALgAo
 aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
 RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
-klCPJw//YMzrFBZFHNenyOkMkBFFSdfAsoqm0c8vlPkR6456EXqomAkkw9PKuyiX
-vP6ZXEXVGk3JlSVScAFoHDhYm9lhxPJlbLGIKv7+5hsYNw7UlsVet0VWvOlk1EOn
-Xn+LevSLrVfgr6Q0o+5QZPwmbDrE7W1iv48+Be9Ru5+AK86V5xDEWYW9tRpt0POP
-hkLT4yrdr9/CiqgiRNZV2VEv5r+wVa2Qc1e0pvdgD530eqf+8Ph9pcak2q8p3i6g
-Plxvh9cWTUiOlYxpe8t+Bun3J+VlFnDG9Ssu+A1xWhpSjYEJuuhXHVZmy0aNUrnf
-cDynVei0eOANYE6Jc/YQRbM4uQNDOesJdh+smEuo6ItyCvm3OqEFUUFXAv7ZpH5G
-g2honAlZaB/+ntnVo2hpouB8+x99oioxinIHhHvkkgtw0yYa528qZXXWc1hV0uQ+
-ZGkjuWdpcYi2AA5K408GpIIPipjeVmRhSc6BNfYNyWiyTMJoS7bUKb3MzeSboaDk
-LlMjg8VmihAESPQCdBCsoQuo22EmkgzvIBeF7CkXZXbKDUiG7+9LEoG1jVWprq5R
-1pNK2o4qAjX1pUi6J0hE+qv37XTecqQ+4OjAbx57xbM7XbWCxM5hxMFIAh0CeZqS
-CeLCwKfDTTGQa1YLTWOc549hPjj01tI6np9qHf5OyGKFjbu+Tm4=
-=VkjQ
+klDJ1RAAjtgFfuT5iSjX2EV+TJReNCDjgwtNh5AzMjRETbs/T3mNSX/Cz05QP/bV
+lfMC8udJE0nKmojFTmkZijWVGpRs0qi+x7xPMQkI3jPDS72m3vicQXzHYEQr6Qfd
+bLjrBdLASRiPpX17XZMVouAEdBNE6c7KYaBVI+fxHtZ2gnp51aj5ppYN/NYVrYnL
+eXZMY9Pn0miCwt+EnRUfHa0pR+D3+AVHlQen6egf5mevkFPclyX8KpeFESFtoQJa
+FSWdBef3SPwLhFHvHH2B+cRt2AR+LR2CBwL8lNyMQ4X6DjLf23AC9RR1WCVK2Qh4
+pB/KtKYKWb+ov4Js0xk4p4NEg3BgnJC0lrYMTMbz3fPaDM1NvwlgFQlI6XSnTVZZ
+MdoTxumE1zyvIIuNJFz0oPPeMQd1B5UOj3huI0eaxrOdoAgxNpFhSDS/EFEWpGiK
+AD6Gt1d5COiDLRASeHzOHQhhyKq0x6SCycQ9HhRsKcn6SVo5Khz76IK+AVECrb2D
+0VSaKCM02gywH9rLVKccjW94bybtCIQ5w48/QTIIdkD/1uSOwJnGKKYlDe90FpqE
+Grv8De26+MGjWAXYjDCCj3GGd7vaWeMAJjWuO6idg5FCIDqvJZCpbzACRZBlW41+
+FcAU+X3PaTdvcWIEDIwE+tmuNxsXgtyNtqsCKIQ/vxGRSu6yfag=
+=N4J9
 -----END PGP SIGNATURE-----
diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz
index 933f01207b15..a1ad35b3aa1f 100644
--- a/metadata/glsa/Manifest.files.gz
+++ b/metadata/glsa/Manifest.files.gz
diff --git a/metadata/glsa/glsa-202309-01.xml b/metadata/glsa/glsa-202309-01.xml
new file mode 100644
index 000000000000..0892fd30ef08
--- /dev/null
+++ b/metadata/glsa/glsa-202309-01.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202309-01">
+    <title>Apache HTTPD: Multiple Vulnerabilities</title>
+    <synopsis>Multiple vulnerabilities have been discovered in Apache HTTPD, the worst of which could result in denial of service.</synopsis>
+    <product type="ebuild">apache</product>
+    <announced>2023-09-08</announced>
+    <revised count="1">2023-09-08</revised>
+    <bug>891211</bug>
+    <bug>900416</bug>
+    <access>remote</access>
+    <affected>
+        <package name="www-servers/apache" auto="yes" arch="*">
+            <unaffected range="ge">2.4.56</unaffected>
+            <vulnerable range="lt">2.4.56</vulnerable>
+        </package>
+    </affected>
+    <background>
+        <p>The Apache HTTP server is one of the most popular web servers on the Internet.</p>
+    </background>
+    <description>
+        <p>Multiple vulnerabilities have been discovered in Apache HTTPD. Please review the CVE identifiers referenced below for details.</p>
+    </description>
+    <impact type="low">
+        <p>Please review the referenced CVE identifiers for details.</p>
+    </impact>
+    <workaround>
+        <p>There is no known workaround at this time.</p>
+    </workaround>
+    <resolution>
+        <p>All Apache HTTPD users should upgrade to the latest version:</p>
+        
+        <code>
+          # emerge --sync
+          # emerge --ask --oneshot --verbose ">=www-servers/apache-2.4.56"
+        </code>
+    </resolution>
+    <references>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2006-20001">CVE-2006-20001</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-36760">CVE-2022-36760</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-37436">CVE-2022-37436</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-25690">CVE-2023-25690</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-27522">CVE-2023-27522</uri>
+    </references>
+    <metadata tag="requester" timestamp="2023-09-08T19:12:28.502608Z">ajak</metadata>
+    <metadata tag="submitter" timestamp="2023-09-08T19:12:28.508873Z">graaff</metadata>
+</glsa>
\ No newline at end of file
diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk
index 097cd1540d71..d30de9aebef6 100644
--- a/metadata/glsa/timestamp.chk
+++ b/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Fri, 08 Sep 2023 15:09:48 +0000
+Fri, 08 Sep 2023 21:09:43 +0000
diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit
index e8299091e63e..00b1e1be74c7 100644
--- a/metadata/glsa/timestamp.commit
+++ b/metadata/glsa/timestamp.commit
@@ -1 +1 @@
-6394ef8ae23b1cf183b45b603eceea6389a3c371 1689819508 2023-07-20T02:18:28+00:00
+c436d88493a5c8eec9b1f8a63799d35dd75d3372 1694200711 2023-09-08T19:18:31+00:00