gentoo auto-resync : 07:05:2024 - 00:00:56

5 files changed, 69 insertions, 17 deletions

diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest
index 3ad882f3b545..3e851356a9bb 100644
--- a/metadata/glsa/Manifest
+++ b/metadata/glsa/Manifest
@@ -1,23 +1,23 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA512
 
-MANIFEST Manifest.files.gz 572034 BLAKE2B 427e26e3706e8b7f4e943727b7a276ff31555d4a18c9abd9ac389162f60f359fabc5ad44aed1e3c3f6d38991598bc3ff3e531c1f963bfd5e7d187d907fd49f1b SHA512 3e6522dfe9208dfd01f7db32abf65212808c56cc43a74fe0a9b911b441ef07605f9d1faa6262dd0396662cdf416d987dd593b2bbc769fd24d997636dfd253b01
-TIMESTAMP 2024-05-05T22:10:08Z
+MANIFEST Manifest.files.gz 572194 BLAKE2B 736dd063af339592e54b5eb6a96b21fa114076b32923b0103db465e82be98d9a5dc5a73f66156af8907ecc1ce8bcd1ef8a09c8d98208c594ebc2cd3109b3d410 SHA512 b7dadaeb677f04cc391368d9d0aea276a0639d56dc6eaec3d59d5bbc8046775a8cf34c4047312d631a6f118781f907bf1c585178c705c0b9200dac6163ecedbe
+TIMESTAMP 2024-05-06T22:10:18Z
 -----BEGIN PGP SIGNATURE-----
 
-iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmY4A8BfFIAAAAAALgAo
+iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmY5VUpfFIAAAAAALgAo
 aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
 RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
-klB1hw/9FJWD+3z3F7GiFMQbtCpoQxH3zSbDiUwjISq74qPnkdRsaVUt+F5iB5Nc
-jsB6L/H1INR2dq0Lmubx1ZoBm0FAlUr0wQ2s61lFE+Gg+3wGK193Cij8mouCTOz+
-6ne3bvKjBuAwTzk0G+gTKk0BCQyj4J24yGd3g8qnrbqC8YU4xtT4gVu9gT8WCDqM
-CT26IIJFS95IDg/NFA3eeGYAt+qn+3YPQjQ5pSHVEYH1XMx/xvc1MTEC56GLx6QZ
-oy2MgjjktWEY0C1CjQpG9eYf0g9iBOb1Ci68nmuwqbOmb5RRSGjNSM+F+/WHVHEA
-P00orxSlZJ4XK8Et8X/Aqkhjo/lJBe9eu6UaO/A3tQvMYamVGaC9lVfYmFuzD7Sw
-rtl/FWr9EWoaDyRsnvxLer9sM3YxKPygJ3WotclSCLK/oPIVxoW6L0M7mdi3rPFL
-zmrBNfenghURVEa6JHcdXNDuk141JM8y5roiAcdIOOIWrHCWOfK9vRmwTZwRH0RC
-VYCCOdjmO0IseXocl8XT0RFuOa0mqFT+xohViMPvAyNOsLcVjBimj9qSTFK9P5W8
-kDpQsD9+1LWuVNnIvxFNdFvGBn6yWHXb6Te7UzOSBrM/K6z76ysiqSCrcs4biQFT
-YhUK33qnyxLIUoumvJPPznsaAxoUfPmdLzxomN5MYLgdybYtIaU=
-=2pMK
+klC7HA//Q/IdUwO+Kpd3wfQxZDxUGt3meOmOY7Kw6/9LLQbPPKgwsdmuRELt8h9J
+DrMQjFdaP9qNl301nsanZwQM+GOjFdmhoMU79aYGkE8AOTkXQwpQf060LbpBpiec
+FhKdrqmZ/fwgCOkKWGH227opWjaebsFNqxks1CFSvETeaR3+WECvs6J9m4baOqOc
+GzQR74AGjJ5bpLTuXDwu8R8C6pBJNi/wBgMkxygaj9L2l4/thjXigbxr3GvW2Sam
+SXt5xAFQgE+kZ8LCeyQWjBsTb2G9dwU6ns1a2Oyn9UgMa2QeGSrthhJlYhvvJlSY
+lj54O2580B1qyI6kCo5m9t2dOFQXOXPhKBChilYkqX33CYHR6S9oC7zeLA5gircT
+qrLZ5x3By9gUXrKjqr0KDL/ceOWw9DM3U2cwEHxZBguUaje3K2SD8cvwvLXHp83J
+FAAlpPIAyAEX6BMxyiwFQh8gsXpcyytErOs7my/Xc8qhgSiHTwt9J9O3NQPnxKji
+hEo1vNjxuLTECTCq6kjzL5shH5VVvXARGNsTcqvimlKn2J7WGdsmBQEwLOIIXrA0
+WThbOvTu3tJ7NEQhOw4RizhlXCIqnogoEjlrHd3tnXt+4Bf7A/fyLImV/7+2Cl1r
+9oL6dxCJLMI/Vz0VVVHd+6H5c9PsI/Eohb9Dm80P1IPeXMzeM0Y=
+=bXMC
 -----END PGP SIGNATURE-----
diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz
index 2cc0ec9712c8..c5bad3d1e52f 100644
--- a/metadata/glsa/Manifest.files.gz
+++ b/metadata/glsa/Manifest.files.gz
diff --git a/metadata/glsa/glsa-202405-17.xml b/metadata/glsa/glsa-202405-17.xml
new file mode 100644
index 000000000000..07d4418f120b
--- /dev/null
+++ b/metadata/glsa/glsa-202405-17.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202405-17">
+    <title>glibc: Multiple Vulnerabilities</title>
+    <synopsis>Multiple vulnerabilities have been discovered in glibc, the worst of which could lead to remote code execution.</synopsis>
+    <product type="ebuild">glibc</product>
+    <announced>2024-05-06</announced>
+    <revised count="1">2024-05-06</revised>
+    <bug>930177</bug>
+    <bug>930667</bug>
+    <access>remote</access>
+    <affected>
+        <package name="sys-libs/glibc" auto="yes" arch="*">
+            <unaffected range="ge">2.38-r13</unaffected>
+            <vulnerable range="lt">2.38-r13</vulnerable>
+        </package>
+    </affected>
+    <background>
+        <p>glibc is a package that contains the GNU C library.</p>
+    </background>
+    <description>
+        <p>Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details.</p>
+    </description>
+    <impact type="high">
+        <p>Please review the referenced CVE identifiers for details.</p>
+    </impact>
+    <workaround>
+        <p>There is no known workaround at this time.</p>
+    </workaround>
+    <resolution>
+        <p>All glibc users should upgrade to the latest version:</p>
+        
+        <code>
+          # emerge --sync
+          # emerge --ask --oneshot --verbose ">=sys-libs/glibc-2.38-r13"
+        </code>
+    </resolution>
+    <references>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-2961">CVE-2024-2961</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-33599">CVE-2024-33599</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-33600">CVE-2024-33600</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-33601">CVE-2024-33601</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-33602">CVE-2024-33602</uri>
+        <uri>GLIBC-SA-2024-0004</uri>
+        <uri>GLIBC-SA-2024-0005</uri>
+        <uri>GLIBC-SA-2024-0006</uri>
+        <uri>GLIBC-SA-2024-0007</uri>
+        <uri>GLIBC-SA-2024-0008</uri>
+    </references>
+    <metadata tag="requester" timestamp="2024-05-06T16:20:24.087004Z">sam</metadata>
+    <metadata tag="submitter" timestamp="2024-05-06T16:20:24.091368Z">sam</metadata>
+</glsa>
\ No newline at end of file
diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk
index 49b43657b5bd..75526f1f978f 100644
--- a/metadata/glsa/timestamp.chk
+++ b/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Sun, 05 May 2024 22:10:03 +0000
+Mon, 06 May 2024 22:10:15 +0000
diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit
index 5f16a0b231ca..3b0047a72b19 100644
--- a/metadata/glsa/timestamp.commit
+++ b/metadata/glsa/timestamp.commit
@@ -1 +1 @@
-c767a7641029f069d1d45e5c732d96ab77a03a45 1714899266 2024-05-05T08:54:26+00:00
+321e9a106808c3799e6007bf5459c5b6adb657a3 1715012485 2024-05-06T16:21:25+00:00