summaryrefslogtreecommitdiff
path: root/metadata/glsa
diff options
context:
space:
mode:
Diffstat (limited to 'metadata/glsa')
-rw-r--r--metadata/glsa/Manifest30
-rw-r--r--metadata/glsa/Manifest.files.gzbin462212 -> 462854 bytes
-rw-r--r--metadata/glsa/glsa-202003-57.xml20
-rw-r--r--metadata/glsa/glsa-202004-07.xml17
-rw-r--r--metadata/glsa/glsa-202004-10.xml57
-rw-r--r--metadata/glsa/glsa-202004-11.xml69
-rw-r--r--metadata/glsa/glsa-202004-12.xml75
-rw-r--r--metadata/glsa/glsa-202004-13.xml78
-rw-r--r--metadata/glsa/timestamp.chk2
-rw-r--r--metadata/glsa/timestamp.commit2
10 files changed, 311 insertions, 39 deletions
diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest
index 49bc42a5cc48..33929072fc57 100644
--- a/metadata/glsa/Manifest
+++ b/metadata/glsa/Manifest
@@ -1,23 +1,23 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
-MANIFEST Manifest.files.gz 462212 BLAKE2B 5776c6001abb402454a2b47a7b9bf3bf9047598d1aece9f78d5b9c3c27b9e2beb04358067b23d0aab0fa3a39a6704dbc7989395dc50e173ff19712be407974d6 SHA512 b5ee2fe405b23fa0d01a4455e021e430490898b9d86f37bdd8cdf6f3e1e612bc5782cde9c380e6d19690d6c9d75154b7ece632c229e69202510fa1255c1cb2a6
-TIMESTAMP 2020-04-12T01:38:57Z
+MANIFEST Manifest.files.gz 462854 BLAKE2B 45d9c39aed70715f733b66b45dc5f1269928044878c906083c6e7a076449bf75e0a2abc6b2094fac1caf94f820d8a437f66033fe5edd3675345689e5a3f2c6d8 SHA512 cdd4cb4b70565ed751e2fc667e7560d4b3105f046b9428886b70b2d9ea0dc778c9446a4556ccea472de31ef09973c16422f77c1b2e65175f6c4833f501c93cc8
+TIMESTAMP 2020-04-25T09:38:56Z
-----BEGIN PGP SIGNATURE-----
-iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAl6ScTFfFIAAAAAALgAo
+iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAl6kBTBfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
-klA2DRAAiTm99vhWjrVbLyTspLIxWs+f341vqhSR6EQ84k1H/pKRoeywOosu+v3R
-BdECknFaydhSJg47U8hdOxn3DDywQy//55TuTN40jUS/kWyrEIMhpiRz3PvIl7Gl
-coLa52mwdV6GLywJKcsZwn1T0S3ttMDnmlBWn/EYnkOvbXV1vrn32obvcUbaUMMP
-C/ha+l2syTF73FJqr1EEjzq2aFxvcJNtojuHhNqeyfwJe+PEI0juLfMehrlucSsd
-7+zAk+srYuBo6p0KrOwXno5Uj4griXaT7JJhe2t78ruqwHOMwQQzF0f8l/hRHs3O
-p6dKK4cyAbU03tGCfAuw9BPyCYlGCDzJbD1GPmfM5FP4ywFZxWHG+enfgoUjFwvI
-Q2YiBT/sRzajy0jjbS/XZZ4CabIQPI40+WRyEatcrEx3IoiwcpMbiwngwlqVg4wf
-YLAAWIGcsQiCD42TbY1UOXApUT4eVLRQHPVK/gVJGQeF8ODRh+I5Ie2kC3oi5yGN
-8APaSiS1jGARXWcNc5PhVlkNUW6TtE6AWciUwVlM7S2112Hy27/2TrW4UEzHyvWX
-5HMwTGblMzdSpSlerwjF2HikolBD7KbmqmFJzvPD78LbibRib2F3P+7I40v67Uoc
-MP/sUqUU3ZOMwAO/YUV5tj+MDxqhESs+O/HHbXWgc89AZjGjMmk=
-=PlQ9
+klCcXg/7BNzMr/mNPnHYxDfDRe4oxPQRKDMr1qdDJpwbsh8OJkz5uJfc7W2wRUYJ
+RGaQ9tGkZ8ih3qyETN4MyLIUU28kXcKBY+BJHQtHTlt3J+idwN+vAJJG1HZbTM6G
+L4u2PxciwU2Jwnyj5Xv+R04iRpbOp03aMYk3O8vw1kE84eEWQoYzSl7rsNqVAJtO
+58bQ/ez8BxFjSERAhCviFjQL8u3izCGVwWq6Ecw/rJaI/1h17s/9ps/wytgXCB1w
+z1tLDdUHAlQKOdQ6F/htu6r2jS51ucRZr+asQRZ8UeamFTLW53n4Sqgw408WEb1C
+fWPrxE/Q834drYte/z9lORGOjn6q+Gqw5oeNcTGCbTcN4s2VtEUjvycWeG99XJY0
+zuBgJSj4JrdNfiuEJwiaFiH9L4KqCcrGjatqzSzUA2tzjrO8W1SBXFtTLaIoYA6j
+4aYutgnQqpKkjLhb+c3JblZf2BtqOFCm1Dm7C2pHDwpi/50t5w7jkKTN86sUouZw
+NvwSzhLsAAdx5S3WWnMKcVDLGm8hUkA7ye9xuLr+Mm2Mm3zfNPUrcBLhd5vkfQsJ
+LJqGMG9Wc5C8rJ3KztPMp6atUEMCGCXVFi+2zfk3qhXjfkV6Z1vUOnIDetPVpOhQ
+n4u7WpbM9EuZwBGo1FVq32+0OJXMAkuH/oo3CX+XVKH0dLAEKxc=
+=6TvA
-----END PGP SIGNATURE-----
diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz
index e387e538aea7..c466aa961150 100644
--- a/metadata/glsa/Manifest.files.gz
+++ b/metadata/glsa/Manifest.files.gz
Binary files differ
diff --git a/metadata/glsa/glsa-202003-57.xml b/metadata/glsa/glsa-202003-57.xml
index 507ece2ce63b..a2f96097945c 100644
--- a/metadata/glsa/glsa-202003-57.xml
+++ b/metadata/glsa/glsa-202003-57.xml
@@ -7,7 +7,7 @@
</synopsis>
<product type="ebuild">PHP</product>
<announced>2020-03-26</announced>
- <revised count="1">2020-03-26</revised>
+ <revised count="2">2020-04-23</revised>
<bug>671872</bug>
<bug>706168</bug>
<bug>710304</bug>
@@ -15,10 +15,12 @@
<access>local, remote</access>
<affected>
<package name="dev-lang/php" auto="yes" arch="*">
- <unaffected range="rge">7.2.29</unaffected>
- <unaffected range="rge">7.3.16</unaffected>
- <unaffected range="rge">7.4.4</unaffected>
- <vulnerable range="lt">7.4.4</vulnerable>
+ <unaffected range="ge" slot="7.2">7.2.29</unaffected>
+ <unaffected range="ge" slot="7.3">7.3.16</unaffected>
+ <unaffected range="ge" slot="7.4">7.4.4</unaffected>
+ <vulnerable range="lt" slot="7.2">7.2.29</vulnerable>
+ <vulnerable range="lt" slot="7.3">7.3.16</vulnerable>
+ <vulnerable range="lt" slot="7.4">7.4.4</vulnerable>
</package>
</affected>
<background>
@@ -44,21 +46,21 @@
<code>
# emerge --sync
- # emerge --ask --oneshot --verbose "&gt;=dev-lang/php-7.2.29"
+ # emerge --ask --oneshot --verbose "&gt;=dev-lang/php-7.2.29:7.2"
</code>
<p>All PHP 7.3.x users should upgrade to the latest version:</p>
<code>
# emerge --sync
- # emerge --ask --oneshot --verbose "&gt;=dev-lang/php-7.3.16"
+ # emerge --ask --oneshot --verbose "&gt;=dev-lang/php-7.3.16:7.3"
</code>
<p>All PHP 7.4.x users should upgrade to the latest version:</p>
<code>
# emerge --sync
- # emerge --ask --oneshot --verbose "&gt;=dev-lang/php-7.4.4"
+ # emerge --ask --oneshot --verbose "&gt;=dev-lang/php-7.4.4:7.4"
</code>
</resolution>
@@ -74,5 +76,5 @@
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-7066">CVE-2020-7066</uri>
</references>
<metadata tag="requester" timestamp="2020-03-26T13:24:45Z">whissi</metadata>
- <metadata tag="submitter" timestamp="2020-03-26T13:30:45Z">whissi</metadata>
+ <metadata tag="submitter" timestamp="2020-04-23T15:24:32Z">whissi</metadata>
</glsa>
diff --git a/metadata/glsa/glsa-202004-07.xml b/metadata/glsa/glsa-202004-07.xml
index cf8709bebe4e..bf1eb98a489f 100644
--- a/metadata/glsa/glsa-202004-07.xml
+++ b/metadata/glsa/glsa-202004-07.xml
@@ -7,14 +7,13 @@
</synopsis>
<product type="ebuild">firefox</product>
<announced>2020-04-04</announced>
- <revised count="1">2020-04-04</revised>
+ <revised count="2">2020-04-17</revised>
<bug>716098</bug>
<access>remote</access>
<affected>
<package name="www-client/firefox" auto="yes" arch="*">
- <unaffected range="rge">68.6.1</unaffected>
- <unaffected range="rge">74.0.1</unaffected>
- <vulnerable range="lt">74.0.1</vulnerable>
+ <unaffected range="ge">68.6.1</unaffected>
+ <vulnerable range="lt">68.6.1</vulnerable>
</package>
</affected>
<background>
@@ -43,14 +42,6 @@
# emerge --sync
# emerge --ask --oneshot --verbose "&gt;=www-client/firefox-68.6.1"
</code>
-
- <p>All Mozilla Firefox users should upgrade to the latest version:</p>
-
- <code>
- # emerge --sync
- # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-74.0.1"
- </code>
-
</resolution>
<references>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6819">CVE-2020-6819</uri>
@@ -60,5 +51,5 @@
</uri>
</references>
<metadata tag="requester" timestamp="2020-04-04T10:59:17Z">whissi</metadata>
- <metadata tag="submitter" timestamp="2020-04-04T11:03:31Z">whissi</metadata>
+ <metadata tag="submitter" timestamp="2020-04-17T23:06:54Z">whissi</metadata>
</glsa>
diff --git a/metadata/glsa/glsa-202004-10.xml b/metadata/glsa/glsa-202004-10.xml
new file mode 100644
index 000000000000..0ba5c017fafd
--- /dev/null
+++ b/metadata/glsa/glsa-202004-10.xml
@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202004-10">
+ <title>OpenSSL: Multiple vulnerabilities</title>
+ <synopsis>Multiple vulnerabilities were found in OpenSSL, the worst of which
+ could allow remote attackers to cause a Denial of Service condition.
+ </synopsis>
+ <product type="ebuild">openssl</product>
+ <announced>2020-04-23</announced>
+ <revised count="1">2020-04-23</revised>
+ <bug>702176</bug>
+ <bug>717442</bug>
+ <access>local, remote</access>
+ <affected>
+ <package name="dev-libs/openssl" auto="yes" arch="*">
+ <unaffected range="ge">1.1.1g</unaffected>
+ <vulnerable range="lt">1.1.1g</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer
+ (SSL v2/v3) and Transport Layer Security (TLS v1/v1.1/v1.2/v1.3) as well
+ as a general purpose cryptography library.
+ </p>
+ </background>
+ <description>
+ <p>Multiple vulnerabilities have been discovered in OpenSSL. Please review
+ the CVE identifiers referenced below for details.
+ </p>
+ </description>
+ <impact type="normal">
+ <p>A remote attacker could perform a malicious crafted TLS 1.3 handshake
+ against an application using OpenSSL, possibly resulting in a Denial of
+ Service condition.
+ </p>
+
+ <p>In addition, it’s feasible that an attacker might attack DH512.</p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All OpenSSL users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose "&gt;=dev-libs/openssl-1.1.1g"
+ </code>
+
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-1551">CVE-2019-1551</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-1967">CVE-2020-1967</uri>
+ </references>
+ <metadata tag="requester" timestamp="2020-04-23T14:05:13Z">whissi</metadata>
+ <metadata tag="submitter" timestamp="2020-04-23T14:18:55Z">whissi</metadata>
+</glsa>
diff --git a/metadata/glsa/glsa-202004-11.xml b/metadata/glsa/glsa-202004-11.xml
new file mode 100644
index 000000000000..93f4d50ba835
--- /dev/null
+++ b/metadata/glsa/glsa-202004-11.xml
@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202004-11">
+ <title>Mozilla Firefox: Multiple vulnerabilities</title>
+ <synopsis>Multiple vulnerabilities have been found in Mozilla Firefox, the
+ worst of which could result in the arbitrary execution of code.
+ </synopsis>
+ <product type="ebuild">firefox</product>
+ <announced>2020-04-23</announced>
+ <revised count="1">2020-04-23</revised>
+ <bug>716644</bug>
+ <access>local, remote</access>
+ <affected>
+ <package name="www-client/firefox" auto="yes" arch="*">
+ <unaffected range="ge">68.7.0</unaffected>
+ <vulnerable range="lt">68.7.0</vulnerable>
+ </package>
+ <package name="www-client/firefox-bin" auto="yes" arch="*">
+ <unaffected range="ge">68.7.0</unaffected>
+ <vulnerable range="lt">68.7.0</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>Mozilla Firefox is a popular open-source web browser from the Mozilla
+ Project.
+ </p>
+ </background>
+ <description>
+ <p>Multiple vulnerabilities have been discovered in Mozilla Firefox. Please
+ review the CVE identifiers referenced below for details.
+ </p>
+ </description>
+ <impact type="normal">
+ <p>A remote attacker could entice a user to view a specially crafted web
+ page, possibly resulting in the execution of arbitrary code with the
+ privileges of the process, an information leak or a Denial of Service
+ condition.
+ </p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All Mozilla Firefox users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-68.7.0"
+ </code>
+
+ <p>All Mozilla Firefox binary users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-bin-68.7.0"
+ </code>
+
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6821">CVE-2020-6821</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6822">CVE-2020-6822</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6823">CVE-2020-6823</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6824">CVE-2020-6824</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6825">CVE-2020-6825</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6826">CVE-2020-6826</uri>
+ </references>
+ <metadata tag="requester" timestamp="2020-04-16T06:32:49Z">BlueKnight</metadata>
+ <metadata tag="submitter" timestamp="2020-04-23T14:28:43Z">whissi</metadata>
+</glsa>
diff --git a/metadata/glsa/glsa-202004-12.xml b/metadata/glsa/glsa-202004-12.xml
new file mode 100644
index 000000000000..62bf7158b755
--- /dev/null
+++ b/metadata/glsa/glsa-202004-12.xml
@@ -0,0 +1,75 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202004-12">
+ <title>Chromium, Google Chrome: Multiple vulnerabilities</title>
+ <synopsis>Multiple vulnerabilities have been found in Chromium and Google
+ Chrome, the worst of which could allow remote attackers to execute
+ arbitrary code.
+ </synopsis>
+ <product type="ebuild">chromium,google-chrome</product>
+ <announced>2020-04-23</announced>
+ <revised count="1">2020-04-23</revised>
+ <bug>717652</bug>
+ <bug>718826</bug>
+ <access>local, remote</access>
+ <affected>
+ <package name="www-client/chromium" auto="yes" arch="*">
+ <unaffected range="ge">81.0.4044.122</unaffected>
+ <vulnerable range="lt">81.0.4044.122</vulnerable>
+ </package>
+ <package name="www-client/google-chrome" auto="yes" arch="*">
+ <unaffected range="ge">81.0.4044.122</unaffected>
+ <vulnerable range="lt">81.0.4044.122</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>Chromium is an open-source browser project that aims to build a safer,
+ faster, and more stable way for all users to experience the web.
+ </p>
+
+ <p>Google Chrome is one fast, simple, and secure browser for all your
+ devices.
+ </p>
+ </background>
+ <description>
+ <p>Multiple vulnerabilities have been discovered in Chromium and Google
+ Chrome. Please review the referenced CVE identifiers for details.
+ </p>
+ </description>
+ <impact type="normal">
+ <p>A remote attacker could entice a user to open a specially crafted HTML
+ or multimedia file using Chromium or Google Chrome, possibly resulting in
+ execution of arbitrary code with the privileges of the process or a
+ Denial of Service condition.
+ </p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All Chromium users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose
+ "&gt;=www-client/chromium-81.0.4044.122"
+ </code>
+
+ <p>All Google Chrome users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose
+ "&gt;=www-client/google-chrome-81.0.4044.122"
+ </code>
+
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6457">CVE-2020-6457</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6458">CVE-2020-6458</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6459">CVE-2020-6459</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6460">CVE-2020-6460</uri>
+ </references>
+ <metadata tag="requester" timestamp="2020-04-23T14:33:31Z">whissi</metadata>
+ <metadata tag="submitter" timestamp="2020-04-23T14:36:00Z">whissi</metadata>
+</glsa>
diff --git a/metadata/glsa/glsa-202004-13.xml b/metadata/glsa/glsa-202004-13.xml
new file mode 100644
index 000000000000..35827af3016e
--- /dev/null
+++ b/metadata/glsa/glsa-202004-13.xml
@@ -0,0 +1,78 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202004-13">
+ <title>Git: Information disclosure</title>
+ <synopsis>Multiple vulnerabilities have been found in Git which might all
+ allow attackers to access sensitive information.
+ </synopsis>
+ <product type="ebuild">git</product>
+ <announced>2020-04-23</announced>
+ <revised count="1">2020-04-23</revised>
+ <bug>717156</bug>
+ <bug>718710</bug>
+ <access>remote</access>
+ <affected>
+ <package name="dev-vcs/git" auto="yes" arch="*">
+ <unaffected range="rge">2.23.3</unaffected>
+ <unaffected range="rge">2.24.3</unaffected>
+ <unaffected range="rge">2.25.4</unaffected>
+ <unaffected range="rge">2.26.2</unaffected>
+ <vulnerable range="lt">2.26.2</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>Git is a free and open source distributed version control system
+ designed to handle everything from small to very large projects with
+ speed and efficiency.
+ </p>
+ </background>
+ <description>
+ <p>Multiple vulnerabilities have been discovered in Git. Please review the
+ CVE identifiers referenced below for details.
+ </p>
+ </description>
+ <impact type="low">
+ <p>A remote attacker, by providing a specially crafted URL, could possibly
+ trick Git into returning credential information for a wrong host.
+ </p>
+ </impact>
+ <workaround>
+ <p>Disabling credential helpers will prevent this vulnerability.</p>
+ </workaround>
+ <resolution>
+ <p>All Git 2.23.x users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose "&gt;=dev-vcs/git-2.23.3"
+ </code>
+
+ <p>All Git 2.24.x users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose "&gt;=dev-vcs/git-2.24.3"
+ </code>
+
+ <p>All Git 2.25.x users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose "&gt;=dev-vcs/git-2.25.4"
+ </code>
+
+ <p>All Git 2.26.x users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose "&gt;=dev-vcs/git-2.26.2"
+ </code>
+
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11008">CVE-2020-11008</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-5260">CVE-2020-5260</uri>
+ </references>
+ <metadata tag="requester" timestamp="2020-04-23T14:48:48Z">whissi</metadata>
+ <metadata tag="submitter" timestamp="2020-04-23T15:16:30Z">whissi</metadata>
+</glsa>
diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk
index 5259482477da..64d6d4b98f8d 100644
--- a/metadata/glsa/timestamp.chk
+++ b/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Sun, 12 Apr 2020 01:38:54 +0000
+Sat, 25 Apr 2020 09:38:53 +0000
diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit
index e60cae01f3fc..eab48bd233f7 100644
--- a/metadata/glsa/timestamp.commit
+++ b/metadata/glsa/timestamp.commit
@@ -1 +1 @@
-f2cb9b0eb0e16fd065838568dbe36727be807027 1586556154 2020-04-10T22:02:34+00:00
+5f514a6bc0b6082d08328fcc290cbba6761ee102 1587655514 2020-04-23T15:25:14+00:00