diff options
author | V3n3RiX <venerix@koprulu.sector> | 2024-01-10 13:02:42 +0000 |
---|---|---|
committer | V3n3RiX <venerix@koprulu.sector> | 2024-01-10 13:02:42 +0000 |
commit | 8c8f1cfd2aa9e839aad7dad6fd43b370cfbc0a1e (patch) | |
tree | f7b0f94c13a0454ed75b614028f1455e894f28d2 /metadata/glsa | |
parent | 47f05d092ef8c19b3e973f62648e58c0e1a18631 (diff) |
gentoo auto-resync : 10:01:2024 - 13:02:42
Diffstat (limited to 'metadata/glsa')
-rw-r--r-- | metadata/glsa/Manifest | 30 | ||||
-rw-r--r-- | metadata/glsa/Manifest.files.gz | bin | 560112 -> 560271 bytes | |||
-rw-r--r-- | metadata/glsa/glsa-202401-13.xml | 43 | ||||
-rw-r--r-- | metadata/glsa/timestamp.chk | 2 | ||||
-rw-r--r-- | metadata/glsa/timestamp.commit | 2 |
5 files changed, 60 insertions, 17 deletions
diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest index a23ab1337c83..d8c046997c8e 100644 --- a/metadata/glsa/Manifest +++ b/metadata/glsa/Manifest @@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 560112 BLAKE2B 62dc2af41770d5f472a21d19df2e416ad9cbe69646a24bf9063fe3c7d7b36b835148ffdf730b030db456007d5c45044793f359e00e2a253deb71569680665419 SHA512 706f92b2205286e8d0fb7e749fe17d4549d6de84ffe61cf0dffaa61b0add9252e50b48bb8087005681251c1d71bdd6ced3ceb19b36ffd7e75d1709bc3aa98712 -TIMESTAMP 2024-01-10T06:10:30Z +MANIFEST Manifest.files.gz 560271 BLAKE2B 788d7d800c0cda76fd36e704c653a017e0745e9bb01350ea23c15bfb7c7d2ccbf2d1642309260d1234728ebba3fcb12dfa56f5a746e590036bf3b2bd162d2304 SHA512 1057c5d7357b4f952f1ae20e59f01992d95bfb67a14a419a2349e88e3ccccc40879bdf67c69b0a2d1c192af1a44dda8b074b2513672a6a571abaf442b2b628bc +TIMESTAMP 2024-01-10T12:40:25Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmWeNNZfFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmWekDlfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klAQkw/+KdpJ5gGRgm0oihKIPya0kCuJDmtQmUnScZuRSwj7B9V04Jd4SOHyjpDq -1BnJdqYK1sGHGdpyHRvFQv2Dp9fsZh4EYgM0moOAhDwkJHoRwZR8RTgzN5xgGJRB -YSGzqs8vJ6AeSXNfQjY4Bhw0LdadDyACplmL/6tVgGZ/0P9E5opBgni2GOvFiSAZ -6VSlJId/zhJHLffkZPnegSSn38RwCdcNlciPZC/cZw4Q5KS/XcZ+4UJP+WkNwaGK -JmArXSbJAoe44suOXoqcAwZHi+NxGBlAGJ0XrzlnLXNBG4jNm/xpBJg/KVnAkCxC -N3h+/koxsaEdMnBKyKXVq4EFWC15pVJyoTa0c7hbfQY1VxmXbtMXWDxVV4hx6VEx -RRopxLSkJhsijKUNsOm/FwsshLb07xK/uFEq8hFJcWcnuPd2D3X18Azt6ceVN9Ry -4CcYiVtjbb6mNVEBhoje1ILlO+yP2DdMvlFuozJ6qerQ2TqKUqMyoNvJ2zwhvSxi -p8N4xji5FnBAxm2+OOTFwO2de/3/4ieHC4sauTTjMToaJDSzADklZ6tVjqgPnkx1 -a1f2Lt3qqg8CsqZUV/DALhER8vuSipyM9Z1BJ6G3dw6CF24AjFYcwBQlFpZUiDjn -EKtj0yeafAGBuiDxi53ahlruGTO08j3Jevd0byA0I0pHQ7J4QPk= -=Hi6+ +klBVAw//e/Rs5M0ailcOhkuMewVQzT1zzs6R3dsnf7x3tp4xUMtGLisQV+Y65mwc +rYUvSuepjxxtYvUEtFBQowJkHATukuS8vBlmEgBtcUZL0zTVmBuV6VBbZUyeQMlP +DtoHU+Y2b3A8umvvY/OKIgFU1EvKoe/XTtWfnuyb0/inN4sry9e+WaCEIhfadzgj +RmiXUSLE0nEjYn6veBRkv2z1fzIiz0m9hL6QHIyzU+dNCLxYVIvZmjdgnPHSJcvc ++HH2ln+MiOLhdq0iNX6/yEEp8C+YKKG7DXbveLFcnHNio7FwiR0J3LV14xYsGTKd +0d4SFKMIgAiEyJk1PNKCS3lSlWdm6kLnHpnDJIsMrIaEX/bRtQt1F4DuPyEFwb8p +AFWavGQ50HHjvcA07Eul97chDP6Gma1OUMZ8vB0WAJMoUHYqoxnaPO+h8Li9vcPq +327zxYYNqDfgZn7g1JrF70x3cJDVlHNS4RcUk5O3FcTRgit2qc7Vc2uDrfdjfoB9 +fwMqOM+LqudQAUFAZ/TEzFH8O9siY/Mm0dI+v/hfMOas/e2XfyQL61noZcZlD9LK +YJNcZXyyFgFaAQXMhWPbEYhVg9+5xcBlyzsu1PLVVh07Wkm6wjHUaYP93d2+SlMH +reEHuSVV2GxoAf8w/VLiZ5Cwd87ikUeEzP13im09v2Y56IF7Ctk= +=MgZs -----END PGP SIGNATURE----- diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz Binary files differindex f70ab963dbcd..eb8249987c2f 100644 --- a/metadata/glsa/Manifest.files.gz +++ b/metadata/glsa/Manifest.files.gz diff --git a/metadata/glsa/glsa-202401-13.xml b/metadata/glsa/glsa-202401-13.xml new file mode 100644 index 000000000000..8b6fbe173b2d --- /dev/null +++ b/metadata/glsa/glsa-202401-13.xml @@ -0,0 +1,43 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202401-13"> + <title>FAAD2: Multiple Vulnerabilities</title> + <synopsis>Multiple denial of service vulnerabilities have been found in FAAD2.</synopsis> + <product type="ebuild">faad2</product> + <announced>2024-01-10</announced> + <revised count="1">2024-01-10</revised> + <bug>918558</bug> + <access>remote</access> + <affected> + <package name="media-libs/faad2" auto="yes" arch="*"> + <unaffected range="ge">2.11.0</unaffected> + <vulnerable range="lt">2.11.0</vulnerable> + </package> + </affected> + <background> + <p>FAAD2 is an open source MPEG-4 and MPEG-2 AAC decoder.</p> + </background> + <description> + <p>Multiple vulnerabilities have been discovered in FAAD2. Please review the CVE identifiers referenced below for details.</p> + </description> + <impact type="low"> + <p>Please review the referenced CVE identifiers for details.</p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All FAAD2 users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=media-libs/faad2-2.11.0" + </code> + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-38857">CVE-2023-38857</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-38858">CVE-2023-38858</uri> + </references> + <metadata tag="requester" timestamp="2024-01-10T11:43:50.951508Z">ajak</metadata> + <metadata tag="submitter" timestamp="2024-01-10T11:43:50.953718Z">graaff</metadata> +</glsa>
\ No newline at end of file diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk index 31aef4586268..cd7f01691387 100644 --- a/metadata/glsa/timestamp.chk +++ b/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Wed, 10 Jan 2024 06:10:24 +0000 +Wed, 10 Jan 2024 12:40:21 +0000 diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit index a60608a945db..d342da0701b5 100644 --- a/metadata/glsa/timestamp.commit +++ b/metadata/glsa/timestamp.commit @@ -1 +1 @@ -17e2b155a748af5cd1276229d389b4641fec18c7 1704623514 2024-01-07T10:31:54+00:00 +a1eecf982df504f02f8b23c7cace982c168ea64b 1704887079 2024-01-10T11:44:39+00:00 |