diff options
author | V3n3RiX <venerix@koprulu.sector> | 2023-10-04 11:51:15 +0100 |
---|---|---|
committer | V3n3RiX <venerix@koprulu.sector> | 2023-10-04 11:51:15 +0100 |
commit | 713e25c0c3d1e5434ac60ec0549708ec2f744bb4 (patch) | |
tree | 9e9281ff07875c667fb3bf223166de68137f4635 /metadata/glsa | |
parent | 08b4047e14c989cfb931eff95973837f54ccc9e1 (diff) |
gentoo auto-resync : 04:10:2023 - 11:51:15
Diffstat (limited to 'metadata/glsa')
-rw-r--r-- | metadata/glsa/Manifest | 30 | ||||
-rw-r--r-- | metadata/glsa/Manifest.files.gz | bin | 549303 -> 549460 bytes | |||
-rw-r--r-- | metadata/glsa/glsa-202310-03.xml | 47 | ||||
-rw-r--r-- | metadata/glsa/timestamp.chk | 2 | ||||
-rw-r--r-- | metadata/glsa/timestamp.commit | 2 |
5 files changed, 64 insertions, 17 deletions
diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest index eb7504c82dcd..db6e875dfbda 100644 --- a/metadata/glsa/Manifest +++ b/metadata/glsa/Manifest @@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 549303 BLAKE2B 2f2faac40bd20bac0e3cd39614dbd08d21b1f7881f63ae9d0818f2b4da5ca34a7c78df0e5ab0852b794fa786d802b5040998315d8f36069518e90e082b9c244e SHA512 91b5bd6983fe455c6ec55dabb8763f63460603682e7feb1913324d4cfcd985ee99dd07b8f9b0bb6aa35b8a2fa6e1342235f954581928615b1a56995d87f7cc45 -TIMESTAMP 2023-10-04T04:10:06Z +MANIFEST Manifest.files.gz 549460 BLAKE2B a1f9ee4b119079d55103a4ccc3197b5638e1f0913b6b08dbff50e6a9ae785bd677e97041b367e5c90d4e715da5a2e9d245d4614a65f57c6fffbe3055d41af720 SHA512 af57c6ff084a9b4d66c2d7d6cdcf381f6edfb5a8b5e7b97a153bb0d0556002c8d13b0c6530999163f8396d382c2b2f781f28b63456546ee7c16c7c3f82742c24 +TIMESTAMP 2023-10-04T10:10:13Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmUc5Z5fFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmUdOgVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klD54A/+Oxqb9Xi6wOKwWCZoovP7Aw8BZLJU0SVUGEgYUXdjBBXmfIue0M0wyaxH -JJ0ANouGINiH71Yf28Sz3xqr6V8xTyw7nRZjJ3wONBsIciefw1DD1xTGhV26Bnse -tFyzHu3mCjnetjga0ofMLxNwEZQUKPHPQtvrC+/A6aYRz3hEKblOwSxWtp6ryNo9 -/AJzljoJocjIlHWiNPsAc7z7g6Lr3yjWz0rpyD1GG6Z1MikJN1/9sgzbzWXim2NA -VtuyBVdgRTHYQOLs/gCVQbaCgPdIDz6psJz64p3Ktg3VYR/Lx913Ez5c5X2naNS7 -UUnc/7WASA3UP2onDTTF62AosjJbqe7QdKQLSENkz1NX8zEfxDGoCtV/ugV0rGO6 -FnXt/Ya1fJdFPWtYNeMWl1EsmExIKf9Gliwm47cb7kvLFsuWIW5wZMM1rTxgAhLI -23bFP1az4cRdl7R2aeSorm7Id6po8PRWPtiKktiigC65F/Xf93gUQYyzm0R1s9xe -EY4xJvdByAqlYqfldkWmcITaXonScNzk17eBqfqReJhpAqIvlPMIcYs3KmxI1C7R -7+j6ZlW8gcrX3+EfW3WvBcLSFqCQaZL5/8oxHOWmXZrBQRUb6NVMI5yTTYGcgXsv -9Q9tDY+YcsKWJdBcKIXRC9Ll0VW4LNYxXfkMkoMW7VFRIhpa0cA= -=ZZyv +klDmlg/9HBr9rlvuXXu6wZkguZCHd+LrEdxj2g0beJ9QakQ9OnSpm5kiYlWKQEsp +vRjHJO/iAg1E3zC4JfLUAje1AaYwDUggAYuc+lLCozQfJzq0kyChYQm9mWd5LyA/ +ym3+SzzulpOhE4aQgCZEUN0sOylkHmiMlcwx4mh7Dpc0knIFb/7GDTmZYoJy6WwI ++hedW0Jj+9LVV7OgZ6yNWCjRfhVV3NnrA2wRAmVWFNgs3PTezenZ/myP1vo6+8Yz +kq2yP0ybQX7mQD6b9xf3o9NSk6wYmz/6DXCAgCTMVLhblEhJ7o3+7H0H2W59nF5E +HaybFdmrObOzM7nivDIHpKE3zjwypkkmCcMcBRv9wuddph+38VSNmIaAhG1T2NQ4 +Lhb2se13umiwSOIfEulS3lMJVvTtSTZl8h7sUUJrY23hxMDfCqd9WjcvuosWCYNV +E3rsNlwE/UIH1zToXJ6uKfT27u9rsYue6h5awjkl7f+0+taWGjQerCYj7TFkoy5Z +XrwpwWPycLlwV75qcHLS9l6xkpLMaeZQ1qeDadAm+D7RqNqfMsTzbDJSyunkPuRD +/94492Y1OE3cZRN4aCAyEBiF/fT2zDuczMhOuWDpAAu6Cs++/6J6idfpomEEWB1z +nHKJg77r5ySgWhDFY9xjpyWTwtob7bY189ndGQChAxlZNI54P3s= +=TDQs -----END PGP SIGNATURE----- diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz Binary files differindex c95f1f7b00e2..b03f0fde4bfb 100644 --- a/metadata/glsa/Manifest.files.gz +++ b/metadata/glsa/Manifest.files.gz diff --git a/metadata/glsa/glsa-202310-03.xml b/metadata/glsa/glsa-202310-03.xml new file mode 100644 index 000000000000..cb112fcafeef --- /dev/null +++ b/metadata/glsa/glsa-202310-03.xml @@ -0,0 +1,47 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202310-03"> + <title>glibc: Multiple vulnerabilities</title> + <synopsis>Multiple vulnerabilities in glibc could result in Local Privilege Escalation.</synopsis> + <product type="ebuild">glibc</product> + <announced>2023-10-04</announced> + <revised count="1">2023-10-04</revised> + <bug>867952</bug> + <bug>914281</bug> + <bug>915127</bug> + <access>local and remote</access> + <affected> + <package name="sys-libs/glibc" auto="yes" arch="*"> + <unaffected range="ge">2.37-r7</unaffected> + <vulnerable range="lt">2.37-r7</vulnerable> + </package> + </affected> + <background> + <p>glibc is a package that contains the GNU C library.</p> + </background> + <description> + <p>Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details.</p> + </description> + <impact type="high"> + <p>An attacker could elevate privileges from a local user to root.</p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All glibc users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=sys-libs/glibc-2.37-r7" + </code> + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-39046">CVE-2022-39046</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-4527">CVE-2023-4527</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-4806">CVE-2023-4806</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-4911">CVE-2023-4911</uri> + </references> + <metadata tag="requester" timestamp="2023-10-04T08:02:08.857868Z">sam</metadata> + <metadata tag="submitter" timestamp="2023-10-04T08:02:08.860070Z">sam</metadata> +</glsa>
\ No newline at end of file diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk index fd4b4a5fed38..b92e786ad91c 100644 --- a/metadata/glsa/timestamp.chk +++ b/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Wed, 04 Oct 2023 04:10:03 +0000 +Wed, 04 Oct 2023 10:10:09 +0000 diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit index 3713d3adab6a..276c5a56bfe3 100644 --- a/metadata/glsa/timestamp.commit +++ b/metadata/glsa/timestamp.commit @@ -1 +1 @@ -e0200868c5e75eb57e7355dc8786db0f79271aa3 1696337223 2023-10-03T12:47:03+00:00 +029e12731f29676d3f6ebed09f7747ee6e15c5e8 1696406561 2023-10-04T08:02:41+00:00 |