summaryrefslogtreecommitdiff
path: root/metadata/glsa
diff options
context:
space:
mode:
authorV3n3RiX <venerix@redcorelinux.org>2019-09-13 17:49:31 +0100
committerV3n3RiX <venerix@redcorelinux.org>2019-09-13 17:49:31 +0100
commit36ac65103bf5503e5bad1ecc7e8cb9e7643f6840 (patch)
treed9d1fbc20509d4c90f57fb2d9e1459bc8034c831 /metadata/glsa
parenta1392efe64137262023d92492396ca9156d22396 (diff)
Revert "gentoo resync : 13.09.2019"
This reverts commit a1392efe64137262023d92492396ca9156d22396.
Diffstat (limited to 'metadata/glsa')
-rw-r--r--metadata/glsa/Manifest30
-rw-r--r--metadata/glsa/Manifest.files.gzbin448845 -> 448529 bytes
-rw-r--r--metadata/glsa/glsa-201909-07.xml64
-rw-r--r--metadata/glsa/glsa-201909-08.xml49
-rw-r--r--metadata/glsa/timestamp.chk2
-rw-r--r--metadata/glsa/timestamp.commit2
6 files changed, 17 insertions, 130 deletions
diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest
index 052fe8c527a3..eba6cee644e5 100644
--- a/metadata/glsa/Manifest
+++ b/metadata/glsa/Manifest
@@ -1,23 +1,23 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
-MANIFEST Manifest.files.gz 448845 BLAKE2B 24feded351e2c02762000f35c6c58ac935b2383bf6acdd7450f974e16e15fe0935d3f657233d5cd4ab87639ad5f410b8ea36fd5c019b93bfbfc47983ef01dbdc SHA512 569d13495f7e4953afefd29435d7953d3afa1815ae86459c1f4f84726efaaedc5598835f415738d792d2d1060be50cf8ad9140b7fcf124dd7f9ea681a55957ab
-TIMESTAMP 2019-09-13T15:38:53Z
+MANIFEST Manifest.files.gz 448529 BLAKE2B 70fc5fdf3704f2b7ec0033da58e9dba173720d87011ed4a8c13796a79ab719c338f43528d1a392475f724b87e95f6e187b39a6f6e92d64f4882d0f0004bffa24 SHA512 53832aafadeff79f44632a74dc19ba49106055cc3a8017511025ef2e4ca2499a5d5154766e4957167240e37b7e0bfd956e305d79053c82988ad80b673f006f8c
+TIMESTAMP 2019-09-07T23:09:08Z
-----BEGIN PGP SIGNATURE-----
-iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAl17uA1fFIAAAAAALgAo
+iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAl10OJRfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
-klAjVQ//bD8cLNl1zt+X0PUT3N5fZE1gryFA0wROI1L/RZCzfmEnO+kkRe813toE
-cFF6NgR6PusF4qkPU9UbzkNWYbfZoMaZkJjds1WZdfu+pWD+QPRNcUOPDOI/ZJZ6
-zRTmDB4/U2J/TEZeFQIFPypP4+S3sL1n1MBGiluGm4m4y0hu3WFBiuH5Lh/pk+MA
-W6zvXRFU8Cv32OkdAlnc1cJHamfua04HnSKt+2xgpAl+tMPZYuHZOHziYmkgPTyr
-p3tzcrgjNRAHkNQyd9cfTw9LcG1zl/7QkT8cInIx1z83gM4l9FaUsVt56vLhSOW0
-a1ATf2IMWP0eRP2gsKArKplJL4sshYdGPAosn0RODs00K2Es3qkG+jHm5IAFjDhx
-SDJlpkXUfXgkf8jnbLq9O27XmXXS8FbTPg5ScLJcjwNc8x2ZwSC8jo5TrOelfNZg
-QcJg8eqq+kgi3PL6cmH2V28HW9p6CRG7HFUlOhuBEu1DB8HSpDwUOM4wShByedE3
-Gf6pLHyLlYRTavHUAsyQuH13G6Yx41yyqbEM5SLdOZ8HYJZ4UKKGUC571PIxrrbG
-ALeNU9tvH2x6hV8hZWld0i09GS17XRvPF++Lj4FiZwEEgqQUKdZ0dxcoY7F6Pi0c
-zLKv87opDBnQlf/jqVqiFhnG1lUn6skN2Z/HKqhkcrxTvxc31es=
-=57cW
+klCN8A//SkpChS4L4qFkiOHwjHf4wtUIa7szn1dux34X7fyb3W/5uXdyyRqCarK9
+X9Y8yqKkKUWBTRP195IsRMn76nJD0AwX2v5sKvOEsJJjCMD3Ka8uxKJqb1V23JXM
+LXn0/cqFJHQCfVnZvNLQUCOg5TJEtKZQJVEojFwpicB8usWdGrvk0tuxi81bLbOB
++1ekRMfKy3Ik2sdMWKrowEoeoicOcbYTi7yGT+z8YceVIku+pDeq0Tbj8jvfOYdf
+sdo5pPJeqYFk788zYELBpUGAfM1RkMTv3uuTdQ6bIjNnjb0cp2TP62oSoEYWOWDg
+qh2Ts+j7As00AGtxjq6zv2jQj03rugy3aiz9FvEhR7aLh+acYgD66Lale9QXnHa+
+SLiA22EOXIuACTnFZr0E/IdZGU/KG3QFr2EKCmsupUVxiUINM/Ypz73bmbi6lEIW
+7/ziqcDqYBMmxTcZg5x3gyqrOU/Na/nXEJZ3dLyA7zCtkgts+W4+oh2Iwm9Vcajn
+FTHp0D0ep4hAv505JGUEKPv8tBsU4tmcdjbcpKBXaAF10OU4bkEJd3hzvcNTqrim
+0V1YIj482yNYDWuQEOrru5yBRXrZj9nr+yAkW/sqGvH5zCSAeuMxOKTvzHlO1p1p
+tEizdnKAB6hB3tFjgiF/JMZkDxx3+pMYoTnu57m0KQUjlcVTboo=
+=V6QD
-----END PGP SIGNATURE-----
diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz
index e80a943da59d..81138f54ea78 100644
--- a/metadata/glsa/Manifest.files.gz
+++ b/metadata/glsa/Manifest.files.gz
Binary files differ
diff --git a/metadata/glsa/glsa-201909-07.xml b/metadata/glsa/glsa-201909-07.xml
deleted file mode 100644
index a91111969542..000000000000
--- a/metadata/glsa/glsa-201909-07.xml
+++ /dev/null
@@ -1,64 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
-<glsa id="201909-07">
- <title>Simple DirectMedia Layer: Multiple vulnerabilities</title>
- <synopsis>Multiple vulnerabilities have been found in Simple DirectMedia
- Layer, the worst of which could result in the arbitrary execution of code.
- </synopsis>
- <product type="ebuild">libsdl2</product>
- <announced>2019-09-08</announced>
- <revised count="1">2019-09-08</revised>
- <bug>690064</bug>
- <bug>692392</bug>
- <access>remote</access>
- <affected>
- <package name="media-libs/libsdl2" auto="yes" arch="*">
- <unaffected range="ge">2.0.10</unaffected>
- <vulnerable range="lt">2.0.10</vulnerable>
- </package>
- </affected>
- <background>
- <p>Simple DirectMedia Layer is a cross-platform development library
- designed to provide low level access to audio, keyboard, mouse, joystick,
- and graphics hardware via OpenGL and Direct3D.
- </p>
- </background>
- <description>
- <p>Multiple vulnerabilities have been discovered in Simple DirectMedia
- Layer. Please review the CVE identifiers referenced below for details.
- </p>
- </description>
- <impact type="normal">
- <p>A remote attacker could entice a user to process a specially crafted
- audio or video, possibly resulting in execution of arbitrary code with
- the privileges of the process or a Denial of Service condition.
- </p>
- </impact>
- <workaround>
- <p>There is no known workaround at this time.</p>
- </workaround>
- <resolution>
- <p>All Simple DirectMedia Layer users should upgrade to the latest version:</p>
-
- <code>
- # emerge --sync
- # emerge --ask --oneshot --verbose "&gt;=media-libs/libsdl2-2.0.10"
- </code>
-
- </resolution>
- <references>
- <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-13626">CVE-2019-13626</uri>
- <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7572">CVE-2019-7572</uri>
- <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7573">CVE-2019-7573</uri>
- <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7574">CVE-2019-7574</uri>
- <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7575">CVE-2019-7575</uri>
- <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7576">CVE-2019-7576</uri>
- <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7577">CVE-2019-7577</uri>
- <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7578">CVE-2019-7578</uri>
- <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7635">CVE-2019-7635</uri>
- <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7636">CVE-2019-7636</uri>
- <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7638">CVE-2019-7638</uri>
- </references>
- <metadata tag="requester" timestamp="2019-09-07T00:08:23Z">b-man</metadata>
- <metadata tag="submitter" timestamp="2019-09-08T17:40:28Z">b-man</metadata>
-</glsa>
diff --git a/metadata/glsa/glsa-201909-08.xml b/metadata/glsa/glsa-201909-08.xml
deleted file mode 100644
index 7f2b35906305..000000000000
--- a/metadata/glsa/glsa-201909-08.xml
+++ /dev/null
@@ -1,49 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
-<glsa id="201909-08">
- <title>D-Bus: Authentication bypass</title>
- <synopsis>An authentication bypass was discovered in D-Bus.</synopsis>
- <product type="ebuild">dbus</product>
- <announced>2019-09-08</announced>
- <revised count="1">2019-09-08</revised>
- <bug>687900</bug>
- <access>local</access>
- <affected>
- <package name="sys-apps/dbus" auto="yes" arch="*">
- <unaffected range="ge">1.12.16</unaffected>
- <vulnerable range="lt">1.12.16</vulnerable>
- </package>
- </affected>
- <background>
- <p>D-Bus is a message bus system which processes can use to talk to each
- other.
- </p>
- </background>
- <description>
- <p>It was discovered that a local attacker could manipulate symbolic links
- in their own home directory to bypass authentication and connect to a
- DBusServer with elevated privileges.
- </p>
- </description>
- <impact type="normal">
- <p>A local attacker can bypass authentication mechanisms and elevate
- privileges.
- </p>
- </impact>
- <workaround>
- <p>There is no known workaround at this time.</p>
- </workaround>
- <resolution>
- <p>All D-Bus users should upgrade to the latest version:</p>
-
- <code>
- # emerge --sync
- # emerge --ask --oneshot --verbose "&gt;=sys-apps/dbus-1.12.16"
- </code>
- </resolution>
- <references>
- <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-12749">CVE-2019-12749</uri>
- </references>
- <metadata tag="requester" timestamp="2019-09-07T17:12:55Z">b-man</metadata>
- <metadata tag="submitter" timestamp="2019-09-08T17:40:45Z">b-man</metadata>
-</glsa>
diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk
index 3a35c43b0add..36c3392d5556 100644
--- a/metadata/glsa/timestamp.chk
+++ b/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Fri, 13 Sep 2019 15:38:50 +0000
+Sat, 07 Sep 2019 23:09:04 +0000
diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit
index 933a7041a478..82f2e1957979 100644
--- a/metadata/glsa/timestamp.commit
+++ b/metadata/glsa/timestamp.commit
@@ -1 +1 @@
-0d8b041795d355b2f8da9b84725a62150a91dc13 1567964538 2019-09-08T17:42:18+00:00
+68b71b2cbc79a9ef9e8701eb09586b9f2f9eb7b2 1567815781 2019-09-07T00:23:01+00:00
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-09 06:28:35 +0000