summaryrefslogtreecommitdiff
path: root/metadata/glsa
diff options
context:
space:
mode:
authorV3n3RiX <venerix@redcorelinux.org>2018-04-14 01:05:40 +0100
committerV3n3RiX <venerix@redcorelinux.org>2018-04-14 01:05:40 +0100
commit76cba73c47c8694e74377004634daca18f2d9c08 (patch)
tree468603ebdc189bcfae77696162761b3be936baea /metadata/glsa
parent6957f5c65b02bba533954eabc0b62f5de36be206 (diff)
gentoo resync : 14.04.2018
Diffstat (limited to 'metadata/glsa')
-rw-r--r--metadata/glsa/Manifest30
-rw-r--r--metadata/glsa/Manifest.files.gzbin421068 -> 421225 bytes
-rw-r--r--metadata/glsa/glsa-201804-11.xml61
-rw-r--r--metadata/glsa/timestamp.chk2
-rw-r--r--metadata/glsa/timestamp.commit2
5 files changed, 78 insertions, 17 deletions
diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest
index d06381fc60ff..b0172a3a6dca 100644
--- a/metadata/glsa/Manifest
+++ b/metadata/glsa/Manifest
@@ -1,23 +1,23 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
-MANIFEST Manifest.files.gz 421068 BLAKE2B 7dadce7e4b041a3441a6b63ed7a860af4bdcb72f0c20dfbfdd9e4fb6e577a48f6a4fcb0599fba15eed3a96fa7c8c225773cd2e3d3942a286fd74ab527c15651e SHA512 acf6ff1943f0998753e92be7360ecf6e135b838a2681d49f8c91bef5155aaca01686c562e9e52ce269826b172b3f86851233b7716507c7b52394116ff6101c02
-TIMESTAMP 2018-04-10T15:38:31Z
+MANIFEST Manifest.files.gz 421225 BLAKE2B 3ea0f2afdb7fa11952c73e1802a82ddcb4bbe95b75606861aa9d94acba35691b97854b65d7d3bec40e0f5f2ef206de903696db876b0bd6db34bb27aaac0696b0 SHA512 76fd57544ae0eee9baf3d5b9e8ef3b04f05195897cba1f495609eaed7c83e275ffa678d92f50587d688bf40cbb1147872efee9d9634b6c45b00f94da4fa7cdc0
+TIMESTAMP 2018-04-13T23:08:32Z
-----BEGIN PGP SIGNATURE-----
-iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAlrM2ndfFIAAAAAALgAo
+iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAlrROHBfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
-klBM2hAAhxjdROZlLwG2CxokiwKkVTLMepPK80nnhs85wEgE/DD4+zDo7qeKsRvi
-24x/hzxUrr+B82GoEGK6nhCq90CCj54FMZNu+3csa8T8JaFJrzJ+HAU6iNtfdKjE
-vMsE6Vdvehx6pgTEmVXrcc0iGQHKu8FNItd4z6MXvQg6s7UUJqdhw+mIV1t7jOB3
-rbGrzpYFgn1fZggmRrhIk82Lf3cTlSe5AU5/3625wrYpNUkYzS0cgkIA+vTjWo0N
-2bOpNXSJQobx1mILAivJHyjcz2TU38Po63soohfjyj1qpDF1FNKcYaidbR7ytFXS
-V3NmV0eoXmstXDMBsH1r01YtVxs6zpHSWkoZDEZTixGGxhJdPqyO0eQo1fCzCg0k
-AlIDdmNkfZAJiguSz8ZOjhIbhBrED7jyxl7q6bkfzC99rJwLSHeXk4h9bsGNdcFG
-WKByqf2HACL8J+XRpiwUX/lF8YxQ6PkXr3fWi4/i6zrGMa/Mu2U+RKDzFEHTTbXc
-nPuk4fY8aQt1FCXIjqBWUmhy4S/8VFCYKzru+s7NWNxFQsTzVXA8A5E4/KxOO4Ui
-jkUACXpPNWH/wAN55j5kZ4GwfvNDhQZ2Q/kiQAAWkcKUoYrQVrfB/gPy+eTTfa6N
-naEOmfnrFKuN0C0rYr6iLloS79cwvVSqZw2IjNsrcvAB7anhlUM=
-=iVON
+klAE4w/+PF7xO8QJUYsybzrs5McZdWx5a55vucu4rWgu22UravTxNi+zYx/rbOcA
+0KC5I8lcDaF6RHxhLYWaXYn857htwcwHjuV1l/gk1hch4+Vj5EbvMSTmpyIbHZHI
+IcImx05DmETrdPzd61jSPby5056vzdqbQn0w1Ap0X8Vojh8csZ+q34azTahIlH84
+/mTbq3ZmZ9AVbda6ML7yIBoEJz5Epku9tVl4rCHcRVq3VIHNZeNgUspLqEoGU0JQ
+GUI8AOHGS+/F8LzcKzk4Gqj/Z+EVIWRQjWJDcyadS+yphLk2Y1OzSJ1zx0SJqsd5
+V/6ONBmOoCteY5G/asdGh07pIxPuZG6Nni1H8ZcX2ikj/Wgtab9g0rp3EtTcd1nF
+to/7VPbK5suXtjVcFl56Qk2uGmdDucNB16p6FCxv51xmf7OIQq0Vq1Wb7U1PtqDf
+YB8wlVYnYvTHclmwrUIapfOK3Aiu+Pc0RqP7Z9iN8uPVxNFgpROOvjrEfYD25ekC
+qymxYpdzIzSfI0+ubVb+6FMzym47I5caUifO95leXdY+/HNQfR+sKAobX0hters+
+j+2pi4rQhkQ8mpmyeq0GvyiMKU/DkrObVuw1UAOR+64Ypia14X0ip+dIt0C9ufVr
+eZO8fcPYaihUF+tMrahdpku6vjr2jAABdxUn6YhhF96t4di3Ek4=
+=iXP5
-----END PGP SIGNATURE-----
diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz
index 0c5cc77ecc00..2e79d14541e9 100644
--- a/metadata/glsa/Manifest.files.gz
+++ b/metadata/glsa/Manifest.files.gz
Binary files differ
diff --git a/metadata/glsa/glsa-201804-11.xml b/metadata/glsa/glsa-201804-11.xml
new file mode 100644
index 000000000000..915c8d2867c7
--- /dev/null
+++ b/metadata/glsa/glsa-201804-11.xml
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="201804-11">
+ <title>Adobe Flash Player: Multiple vulnerabilities</title>
+ <synopsis>Multiple vulnerabilities have been found in Adobe Flash Player, the
+ worst of which allows remote attackers to execute arbitrary code.
+ </synopsis>
+ <product type="ebuild">flash</product>
+ <announced>2018-04-11</announced>
+ <revised count="1">2018-04-11</revised>
+ <bug>652960</bug>
+ <access>remote</access>
+ <affected>
+ <package name="www-plugins/adobe-flash" auto="yes" arch="*">
+ <unaffected range="ge">29.0.0.140</unaffected>
+ <vulnerable range="lt">29.0.0.140</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>The Adobe Flash Player is a renderer for the SWF file format, which is
+ commonly used to provide interactive websites.
+ </p>
+ </background>
+ <description>
+ <p>Multiple vulnerabilities have been discovered in Adobe Flash Player.
+ Please review the CVE identifiers referenced below for details.
+ </p>
+ </description>
+ <impact type="high">
+ <p>A remote attacker could possibly execute arbitrary code with the
+ privileges of the process, disclose sensitive information or bypass
+ security restrictions.
+ </p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All Adobe Flash users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose
+ "&gt;=www-plugins/adobe-flash-29.0.0.140"
+ </code>
+
+ </resolution>
+ <references>
+ <uri link="https://helpx.adobe.com/security/products/flash-player/apsb18-08.html">
+ APSB18-08
+ </uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-4932">CVE-2018-4932</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-4933">CVE-2018-4933</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-4934">CVE-2018-4934</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-4935">CVE-2018-4935</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-4936">CVE-2018-4936</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-4937">CVE-2018-4937</uri>
+ </references>
+ <metadata tag="requester" timestamp="2018-04-11T11:03:48Z">whissi</metadata>
+ <metadata tag="submitter" timestamp="2018-04-11T20:08:20Z">whissi</metadata>
+</glsa>
diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk
index 688d03838185..d573ad74ec83 100644
--- a/metadata/glsa/timestamp.chk
+++ b/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Tue, 10 Apr 2018 15:38:27 +0000
+Fri, 13 Apr 2018 23:08:28 +0000
diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit
index f481b3dc7443..154e4764a7e2 100644
--- a/metadata/glsa/timestamp.commit
+++ b/metadata/glsa/timestamp.commit
@@ -1 +1 @@
-6d341a6c00fd52a41ddaf7e932d941b6c7f9bf88 1523293654 2018-04-09T17:07:34+00:00
+61614754c5c47e19e67ecfbc5307d90c6d8b3d1f 1523477362 2018-04-11T20:09:22+00:00