gentoo auto-resync : 02:02:2024 - 05:44:58

5 files changed, 66 insertions, 17 deletions

diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest
index dfd3c31d5160..4fb7479a8dbe 100644
--- a/metadata/glsa/Manifest
+++ b/metadata/glsa/Manifest
@@ -1,23 +1,23 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA512
 
-MANIFEST Manifest.files.gz 563604 BLAKE2B d497f4e02c0349649ea1fd84297af45ff253c185da14e6dba30f010f40d1ab86fdeb750087d23d7e892d4b2a6c45bb36baacd75348d2a50c0dc3c70213c1836e SHA512 c8b2f6bb87969de216a6075f22dc589f34d03bc0cd503b9bbedb9672f2aa19209f4d1236cd3f9aaf54428705e66f266c37a1f0bdb30c6fdae78df87761e4d8da
-TIMESTAMP 2024-02-01T23:10:27Z
+MANIFEST Manifest.files.gz 563763 BLAKE2B ad08e0810fe103c6fa75e908cf8e2fc59829c625b62d3046da60e9504ee322b550dd80f2b55ca4966a6ca9514873f3ad3a971855512a73e5aa8af57c416df904 SHA512 686eceb0a4e973d3931559acc70bbca71af98c9816890a0c4197ac907326353d25dbfef06b2f26ca53274310cd12ab9ef6adfeddc7c3775d1fc39f927accf94b
+TIMESTAMP 2024-02-02T04:47:53Z
 -----BEGIN PGP SIGNATURE-----
 
-iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmW8JONfFIAAAAAALgAo
+iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmW8c/lfFIAAAAAALgAo
 aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
 RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
-klDqyRAAqEb7Icqe5O4NApTfnauWvfua7ADkegv+V9Jz25LDDd8rpWb2r8GoAFxP
-UY0JIEwRhzjYAj6OTwBQtf7DEpT7L4YGScupfn6xbG++o5ods0NXFsogd2EDj0nb
-ZBINqVAlu67SC/He6Vj9nkppDeG92BFGeKP2VItsSG/dXt9ndPJIIyRJ+e0pd8fU
-xqTmJdko+AG1RRTjDSEI5LBgMCx5DJCi8HwaqOfS8+OaKVdkFWXAYVKO9dUInZjl
-nanqVXa+FLIY2zc2qRzxI9OoAfJ2wPKj73AKcfPo7Mx1QkKJS1EqrBv+hS/sTuRO
-EI2EEGE9XWK7M2yO+Kr/jSj0bTKedRl9SReodfo5Vv94vE927WZ7iK9293Ab12g8
-y+reHgwPWgu9hHYTky7/pWFvyy1ezBTSDy0dRavJiI9rly43AorJpGDzzHyIsxXe
-Dez+EkTHTkqyACeY8nnf7GqGDYyLbdlUjJplmqMLwX766LwHsjHQgxwDdQW7wIvS
-IdXHgaE59+8aUkUdTtxI6VEA+6oNHrids3yJJtcEGPi2oJU+BJVgvUSq0BbzU1hC
-MCLhxohOrae6NsD3lC+AxYx+C/16DfbXaKf/QBCVo7Kv3p9ozMwDgM6jgQp/kDxI
-cB1uBjXyxCdZ5yXnivCaAAeJka4ErM3xIRv70HxXcXR82eT1BaU=
-=rgBM
+klCH7hAAgs+CPumD+sat4WU05EU0hzaPhbXo05xIIv+L8xz9HY+pR0OUCzF6Dq3q
+b8xGv1T43BKzKqNnYTTmkjRwhaFfC9P/Wtlckdo3tnKOtpB8FOEcp8cvIt1NmMhW
++dqJDui01czTFX/ch2O7jgO2mUOQhNrKivPktBAqZLLryDJoU/GBEKTF27q7mXLw
+Awz+HH+FjuqVUnsgMmqayT98Aa3Qa8CeB/U/xlwm8hyHerwvBhFAbWeq7zMdDoZr
+0qJsjGtiv7dyLVmhpM8imVmgEFqu5MgZXMtuqxxH4IMiKbzvSEzko8JBLdxf/aQ8
+YwO1CazejNAY9AApqn1V3eefJ70hg0FhWWdXxJS0RSqZO8+uwOQAqTongZFN/ymk
+XaodUU+O4ZZahpQ4scJt6a2cKZ0WbqH55vveri4D+mP4M98S29Nmv5E3f/pGpRjs
+edsySK+nlKOJZhK2htKSI0rISZ8DtSdU7tmuSbH6GpjXldMvMXkZ7QJDjA7wS5kX
+Xxrw82CLFGokcEGWg7bLVHOL6jcJBxBg3ok9uveRT4Gy0gM53bZAb1ss5oXkW5Qk
+vPpTOoj9CvAwDm5qe4IM6lOqwn32+gqdZ08a5VIWmYRJttmbz9HIq6AlvrJzSra+
+jUiVBh5XrlJjXHiPF7A5AtxGu48FXsnUNJGEhD5srALQ9XBqNjY=
+=qYEi
 -----END PGP SIGNATURE-----
diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz
index 44241c9c7a69..0935772a319d 100644
--- a/metadata/glsa/Manifest.files.gz
+++ b/metadata/glsa/Manifest.files.gz
diff --git a/metadata/glsa/glsa-202402-01.xml b/metadata/glsa/glsa-202402-01.xml
new file mode 100644
index 000000000000..7fa0e51147ca
--- /dev/null
+++ b/metadata/glsa/glsa-202402-01.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202402-01">
+    <title>glibc: Multiple Vulnerabilities</title>
+    <synopsis>Multiple vulnerabilities in glibc could result in Local Privilege Escalation.</synopsis>
+    <product type="ebuild">glibc</product>
+    <announced>2024-02-02</announced>
+    <revised count="1">2024-02-02</revised>
+    <bug>918412</bug>
+    <bug>923352</bug>
+    <access>local and remote</access>
+    <affected>
+        <package name="sys-libs/glibc" auto="yes" arch="*">
+            <unaffected range="ge">2.38-r10</unaffected>
+            <vulnerable range="lt">2.38-r10</vulnerable>
+        </package>
+    </affected>
+    <background>
+        <p>glibc is a package that contains the GNU C library.</p>
+    </background>
+    <description>
+        <p>Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details.</p>
+    </description>
+    <impact type="high">
+        <p>Please review the referenced CVE identifiers for details.</p>
+    </impact>
+    <workaround>
+        <p>There is no known workaround at this time.</p>
+    </workaround>
+    <resolution>
+        <p>All glibc users should upgrade to the latest version:</p>
+        
+        <code>
+          # emerge --sync
+          # emerge --ask --oneshot --verbose ">=sys-libs/glibc-2.38-r10"
+        </code>
+    </resolution>
+    <references>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-5156">CVE-2023-5156</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-6246">CVE-2023-6246</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-6779">CVE-2023-6779</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-6780">CVE-2023-6780</uri>
+        <uri>GLIBC-SA-2024-0001</uri>
+        <uri>GLIBC-SA-2024-0002</uri>
+        <uri>GLIBC-SA-2024-0003</uri>
+    </references>
+    <metadata tag="requester" timestamp="2024-02-02T03:02:44.468870Z">sam</metadata>
+    <metadata tag="submitter" timestamp="2024-02-02T03:02:44.472185Z">sam</metadata>
+</glsa>
\ No newline at end of file
diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk
index 06f777526268..6ff4b901168a 100644
--- a/metadata/glsa/timestamp.chk
+++ b/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Thu, 01 Feb 2024 23:10:22 +0000
+Fri, 02 Feb 2024 04:47:49 +0000
diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit
index 7a936a895a15..982d77fc4215 100644
--- a/metadata/glsa/timestamp.commit
+++ b/metadata/glsa/timestamp.commit
@@ -1 +1 @@
-8064a0b694d29fb2fca491d65494098fb43c2ffa 1706715575 2024-01-31T15:39:35+00:00
+1b3d5c5b8102daf085b27905a139c5e8c4c7d591 1706843003 2024-02-02T03:03:23+00:00