diff options
author | V3n3RiX <venerix@koprulu.sector> | 2024-09-24 01:25:20 +0100 |
---|---|---|
committer | V3n3RiX <venerix@koprulu.sector> | 2024-09-24 01:25:20 +0100 |
commit | d80b870c42fbe218389ffaf86f0f2a39404deca1 (patch) | |
tree | 3be15ebcfb876f660fe2f2b0d02f8bca68e41622 /metadata/glsa | |
parent | de59eb4554f5fe0d506a66bb96630a35f99c09f7 (diff) |
gentoo auto-resync : 24:09:2024 - 01:25:19
Diffstat (limited to 'metadata/glsa')
-rw-r--r-- | metadata/glsa/Manifest | 30 | ||||
-rw-r--r-- | metadata/glsa/Manifest.files.gz | bin | 588370 -> 588531 bytes | |||
-rw-r--r-- | metadata/glsa/glsa-202409-20.xml | 51 | ||||
-rw-r--r-- | metadata/glsa/timestamp.chk | 2 | ||||
-rw-r--r-- | metadata/glsa/timestamp.commit | 2 |
5 files changed, 68 insertions, 17 deletions
diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest index 65362c0cec26..a6a8b0643b56 100644 --- a/metadata/glsa/Manifest +++ b/metadata/glsa/Manifest @@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 588370 BLAKE2B f495c00819858399f9c4e7652d637570436f076630fa2fc4800ddf34885210fb91bd7c12f91ce7ade4940796d66018d85520a5d35b7b1ff8f652e76f28f1d4ba SHA512 38849dbaf4ed005f716f199bf64f2a61c41194f77e951006c230efe4b69c16d6588767174dbd0d98bbc887c6a3d43322070c6d8dc4011f90da0a8dbec61db515 -TIMESTAMP 2024-09-22T23:40:13Z +MANIFEST Manifest.files.gz 588531 BLAKE2B 3d83a66d9c762955ba134aea6253e48c5f33b610ac0abc6f10cedd45b687dae99d8b74290e6f92ba6c9a33c4195523812d85c6c5ad730ad640e7adc2454206d0 SHA512 6413c60682e5f6ed998faa702d52a254f7a124cc29c7adba0a99a08aa315c2dc44d48331f0154669e4067f28194b9628445a0fd685284a0bcdbe57a764951e49 +TIMESTAMP 2024-09-23T23:40:24Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmbwqt1fFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmbx/GpfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klBDwhAAg3bxHf4mzxiPxbxX8+s1UQtEyLZ9paSXHndkDa63lPW3/qbk5bOZtcrs -V5ZTKFx7QGY3ufz+FNplPNxcDJ8QKXsIDBJbQHnOhkWngtoa654kRcDrMv5bqPO+ -pxnmaGtNktNJZa6qon7DXekYfDUpsVu4HHw1/vudZl4hiwc1JwsUvGAa0BJcMNIf -4KCVVGOppCcKa8ajDTbDuvcXi8qXKQ5ibPlBzTnTOhpDyc0GLmGFMbOLqhuCL6td -RJMRgCuBlVNDOLo5bXMXR/gwiEmoVqw/inXQnw5BfbCWdlP7a6r0GFFkj8hUvI0H -YqqOv3tWgMcR+4rMADwvsVDpQs4xFplpFZ3/vGXCePHEJDp4CyPbRDbDsHjAQ21S -OMLSCdDckQEooG6/6iA+FPXYdCYm3hbCKl0luBm4DaI95DAO0xDrT7nOPHo82oVD -ZkXPq1igX5jstGJiOYKP89Wm9QY/HD/fRMC/Z09JHb20CjKfWYQiuqBWAGWZ1Rto -Lf/wREioH2/UgYp+OaFZ2ewEASf8AkL5zB4lvGRexAelIO1RviFNkCzcrIUJ6aXb -uFC0OCDVLIF9kHNd0fyr5t7YPWLnzYD97pS/lZ+lJCvvA0CTbFXYgTvqhFGLHhch -QmD/TBCMPaRhNZ2cJ2obKSpsMib+cDYWGpZH055sLF5QnwFi8E0= -=OzuT +klAFug/8D9l9mftSYDgXWElprKOgccx44uDyz+Wk/LoI8kNPGB8PnMTBpbamKY3/ +cgqPJkS/rOuUBn2Fk3RV18xnByEV+tR0kgKHFilgzYZZ4+NdTwgQjOJP1kg9I1eI +XDGtrJHpueoiS/EswrU++h1kuDBV4YsFLjSeNV1a9MV2q6yF4GcaXtCHxhgwZWzF +erNQ6kionzVQDzbSOceCmS2h8wZtUCul/yWg5fVrKTlmtzHx9+rkMD2DPXKFdR/h +N+s0nQWuj2TDKHFIVDBIYJ5BF9m7V1hQNIXc9cHk8W5TJQLwAdlsfEq7ZQ6gu5AQ +0sCS3G6VqO2upLxrR/UkQK5sF9RySdGRIDGpNnjdS4xkWIRF2Q16ksxpa9dv5AiT +PbSzwlwBdDFc/mOLxAMKLdLEe+ADRC6AqIMrqKx7flzNj1S072E1J1TVB7tafJdu +FKaEznpBRPbBtQoSsl32wfVOBGdwj5f8cogdRt8tvO8juBz1jTYpvv7tPYStdYmF +EHxfOWRKyn34DEcx53HQUsqtOC4jw6FUL7/jzfP0/LcKpXF5Z2S3bl0b8aNKWkhK +rKeFcDJbtMB/wBmo/Axfh9NsK16pNhiF0y/cIfnxXJ4AIPgmSOFSk/vnLrbdNxJf +GdXya78fexJPmQ82udR6t94W2hBFK3V/fhTg/4hyU6iCE1bRmAI= +=Ofvz -----END PGP SIGNATURE----- diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz Binary files differindex 1c5c3851b1f5..15a50bac9716 100644 --- a/metadata/glsa/Manifest.files.gz +++ b/metadata/glsa/Manifest.files.gz diff --git a/metadata/glsa/glsa-202409-20.xml b/metadata/glsa/glsa-202409-20.xml new file mode 100644 index 000000000000..0f55e4837a0c --- /dev/null +++ b/metadata/glsa/glsa-202409-20.xml @@ -0,0 +1,51 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202409-20"> + <title>curl: Multiple Vulnerabilities</title> + <synopsis>Multiple vulnerabilities have been discovered in curl, the worst of which could lead to information disclosure.</synopsis> + <product type="ebuild">curl</product> + <announced>2024-09-23</announced> + <revised count="1">2024-09-23</revised> + <bug>919325</bug> + <bug>919889</bug> + <bug>923413</bug> + <bug>927960</bug> + <access>remote</access> + <affected> + <package name="net-misc/curl" auto="yes" arch="*"> + <unaffected range="ge">8.7.1</unaffected> + <vulnerable range="lt">8.7.1</vulnerable> + </package> + </affected> + <background> + <p>A command line tool and library for transferring data with URLs.</p> + </background> + <description> + <p>Multiple vulnerabilities have been discovered in curl. Please review the CVE identifiers referenced below for details.</p> + </description> + <impact type="normal"> + <p>Please review the referenced CVE identifiers for details.</p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All curl users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=net-misc/curl-8.7.1" + </code> + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-42619">CVE-2023-42619</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-46218">CVE-2023-46218</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-46219">CVE-2023-46219</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-0853">CVE-2024-0853</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-2004">CVE-2024-2004</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-2398">CVE-2024-2398</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-2466">CVE-2024-2466</uri> + </references> + <metadata tag="requester" timestamp="2024-09-23T05:53:30.922445Z">graaff</metadata> + <metadata tag="submitter" timestamp="2024-09-23T05:53:30.926884Z">graaff</metadata> +</glsa>
\ No newline at end of file diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk index 9893824f6eca..8fd16c406a3f 100644 --- a/metadata/glsa/timestamp.chk +++ b/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Sun, 22 Sep 2024 23:40:10 +0000 +Mon, 23 Sep 2024 23:40:19 +0000 diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit index fb54db6a96f5..98677f8c2800 100644 --- a/metadata/glsa/timestamp.commit +++ b/metadata/glsa/timestamp.commit @@ -1 +1 @@ -c5244efc38e02f2f0af5af93f3b49a15bf368da2 1726995862 2024-09-22T09:04:22Z +b04b4f7e697b62c8b67bd3c4bad5d6903b20f23f 1727070820 2024-09-23T05:53:40Z |