summaryrefslogtreecommitdiff
path: root/metadata/glsa
diff options
context:
space:
mode:
Diffstat (limited to 'metadata/glsa')
-rw-r--r--metadata/glsa/Manifest30
-rw-r--r--metadata/glsa/Manifest.files.gzbin519553 -> 520976 bytes
-rw-r--r--metadata/glsa/glsa-202208-06.xml48
-rw-r--r--metadata/glsa/glsa-202208-07.xml42
-rw-r--r--metadata/glsa/glsa-202208-08.xml147
-rw-r--r--metadata/glsa/glsa-202208-09.xml55
-rw-r--r--metadata/glsa/glsa-202208-10.xml44
-rw-r--r--metadata/glsa/glsa-202208-11.xml43
-rw-r--r--metadata/glsa/glsa-202208-12.xml44
-rw-r--r--metadata/glsa/glsa-202208-13.xml42
-rw-r--r--metadata/glsa/glsa-202208-14.xml165
-rw-r--r--metadata/glsa/timestamp.chk2
-rw-r--r--metadata/glsa/timestamp.commit2
13 files changed, 647 insertions, 17 deletions
diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest
index a7f4e91f919d..3b31a2898f90 100644
--- a/metadata/glsa/Manifest
+++ b/metadata/glsa/Manifest
@@ -1,23 +1,23 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
-MANIFEST Manifest.files.gz 519553 BLAKE2B 95b916bb9f20b609241e18817604d9aedbd9b94266162c0ae72c4075b346239f9bd4fbc73135a0dac0faa2a62330ae77a5fadd98fff5b4147580808a7c200ffe SHA512 4eb7457d78ec74e73c36af46d3c675bcb9bc9cf33d2f1fde05df8e517560b480fc8f920df111c03877fd301aeb0d0d260bbfc22b80cd0d7497e107fd5ded7e3c
-TIMESTAMP 2022-08-10T00:39:59Z
+MANIFEST Manifest.files.gz 520976 BLAKE2B 7dfaf17999dad5e80e78ca82a3453bad0d1dd93080c368421ff47c3671435b97874f1120a4f79883a4be6eef4c4ca625a2780e2baa63a836f2c65b64d721932b SHA512 b7a8242e7f468835252f7166256d06fc326a7b57876a83546b977c0010c88282d7526387515ddfdc846408f5965fd794a2d8be4351a3422ce499e998eaf2eb90
+TIMESTAMP 2022-08-10T06:40:01Z
-----BEGIN PGP SIGNATURE-----
-iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmLy/l9fFIAAAAAALgAo
+iQKSBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmLzUsFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
-klAC6A/+LJr+UH8CK5uDEZ9c7Av6cVlTQb27eLijA73S3AYHshWIC30iiwuWYv8/
-jUwdf6nFK0Ldv2Lk5IWBzP/jHKgtwHnGDhq5cf67dNnR7iP7f/CrsrNGkpa1vTHu
-yyzBX6KJd/p+g5cZiEQ9NuRocubgdWOG3Oqz59fp6e+3C1NNKlV78RVTTjzd2ABM
-v598dcd7S02zGKbKlGUQbdpwFbps1uGiywxprr2JYu1M7ntJkhGtJ1kxJb9zjv6M
-G6anVW5fAEGBUwVO260D+7OvVho3bim6SEZih0H+Go040sN6kbKlR5eTgKjc8NVq
-z8Wsc2vJYm3bdrTmjD6Zg1n+yF/FucrdZk1HmO3faW19v9bXgObQ6iVIlZoGeZZp
-ai/d6dwFwZCHwMXHqBUEdAFflBSt3BuEV2LB3Sy8wgUgabN/tO7/CpnnKKBdFIjP
-FYqMXrRoi+DS7+hSmxeQQVZftGo7ejpY2MiGiNepMLIFRUDHk0TNyk2HzkxcGM+2
-e4DUx5zD/+V2HfReExy1uGgK98l4mcd/R75EppEAv/6ZIDNuLRINlIore7wWoXlX
-NJkQqrbbejLV4uqAqoWz216w73go4SU/yCAy35TNVMdCrcmQ5GHP/+MCsBCSlFep
-ns1kekToN94qoLPU1YDtdK/d3MFbkfdQE/B5m40gU1L3hV5p3Hk=
-=3j5P
+klAf8A/2Ll3bnLdG5rVjUf4BFHaJkwKD/N2oLkaqHSN/P5FwCjuxkIXoR8Ufn8an
+OniZ9kPpyNNTDXYljRdRvlC+P8NjATTM/omp3Zsc2/P9R/KtqF4a/3c6/P5tkN+p
+vNcvrEfUvXx6i9hoYW3Y3nGrN21OuIP6jqvfNPguOxs1zPMnknouvb9MW0w1jsiy
+WpBGUtq9ciIINICrqNex1fxbhpl41CyggdE8wQsNBHj/2ae+KI7sfh+5mj34y5gs
+MyB0vMyU3uutRWk5NoHUJlZ1KHr0p48+d/lfRF3GIdjqC98YkdyEan72BbWauo03
+vOIToOHK70HiE1FxMgEGvemNe+4UFDGPVYsEQ6TEcJ6evMWwId8FqtdzY4uIsGv4
++P6uzYV8Gm2QMYXLtorrvRf9yV9kHFwdfS7JJtQEWU8kl/a6ypj38L7LSQ275cLl
+L7YHEdgD0urIuzK/zyT0FF2p5t6PhrtmFPczwjkaYBkBy1PJJCH8o5pcy8YKkK8Y
+ckA9nvVLkjn5uzNlfKL4p9gRspu1a1J4hhBZZ2LlMlXcgWMOUgKIBAg/nsf739Hj
+zMwZykwhhAOaqODZBnxKgJnodRa8ZioXtO8VXG/JpevsC5W+BZ9dZhv3ilzgIDob
+SHv4qhyFLaO2/ZsUr1WJKrRqxtVKhAAMKZvfwvTJZKQ74oSU/w==
+=sz+k
-----END PGP SIGNATURE-----
diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz
index 5b6ba51e4671..2b18dab9db4f 100644
--- a/metadata/glsa/Manifest.files.gz
+++ b/metadata/glsa/Manifest.files.gz
Binary files differ
diff --git a/metadata/glsa/glsa-202208-06.xml b/metadata/glsa/glsa-202208-06.xml
new file mode 100644
index 000000000000..825a5a80eb6e
--- /dev/null
+++ b/metadata/glsa/glsa-202208-06.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202208-06">
+ <title>lxml: Multiple Vulnerabilities</title>
+ <synopsis>Multiple vulnerabilities have been discovered in lxml, the worst of which could result in denial of service.</synopsis>
+ <product type="ebuild">lxml</product>
+ <announced>2022-08-10</announced>
+ <revised count="1">2022-08-10</revised>
+ <bug>777579</bug>
+ <bug>829053</bug>
+ <bug>856598</bug>
+ <access>remote</access>
+ <affected>
+ <package name="dev-python/lxml" auto="yes" arch="*">
+ <unaffected range="ge">4.9.1</unaffected>
+ <vulnerable range="lt">4.9.1</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>lxml is a Pythonic binding for the libxml2 and libxslt libraries.</p>
+ </background>
+ <description>
+ <p>Multiple vulnerabilities have been discovered in lxml. Please review the CVE identifiers referenced below for details.</p>
+ </description>
+ <impact type="normal">
+ <p>Please review the referenced CVE identifiers for details.</p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All lxml users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-python/lxml-4.9.1"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28957">CVE-2021-28957</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-43818">CVE-2021-43818</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-2309">CVE-2022-2309</uri>
+ <uri>GHSL-2021-1037</uri>
+ <uri>GHSL-2021-1038</uri>
+ </references>
+ <metadata tag="requester" timestamp="2022-08-10T03:53:32.555864Z">ajak</metadata>
+ <metadata tag="submitter" timestamp="2022-08-10T03:53:32.562720Z">ajak</metadata>
+</glsa> \ No newline at end of file
diff --git a/metadata/glsa/glsa-202208-07.xml b/metadata/glsa/glsa-202208-07.xml
new file mode 100644
index 000000000000..7f95f0782958
--- /dev/null
+++ b/metadata/glsa/glsa-202208-07.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202208-07">
+ <title>LibRaw: Stack buffer overread</title>
+ <synopsis>A buffer overread in LibRaw might allow an attacker to cause denial of service.</synopsis>
+ <product type="ebuild">libraw</product>
+ <announced>2022-08-10</announced>
+ <revised count="1">2022-08-10</revised>
+ <bug>793956</bug>
+ <access>remote</access>
+ <affected>
+ <package name="media-libs/libraw" auto="yes" arch="*">
+ <unaffected range="ge">0.20.2</unaffected>
+ <vulnerable range="lt">0.20.2</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>LibRaw is a library for reading RAW files obtained from digital photo cameras.</p>
+ </background>
+ <description>
+ <p>LibRaw incorrectly handles parsing DNG fields in some cases, potentially resulting in a buffer overread leading to denial of service.</p>
+ </description>
+ <impact type="low">
+ <p>An attacker capable of providing crafted input to LibRaw could trigger denial of service.</p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All LibRaw users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-libs/libraw-0.20.2"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-24870">CVE-2020-24870</uri>
+ </references>
+ <metadata tag="requester" timestamp="2022-08-10T04:06:16.242209Z">ajak</metadata>
+ <metadata tag="submitter" timestamp="2022-08-10T04:06:16.247568Z">ajak</metadata>
+</glsa> \ No newline at end of file
diff --git a/metadata/glsa/glsa-202208-08.xml b/metadata/glsa/glsa-202208-08.xml
new file mode 100644
index 000000000000..025606af2fdc
--- /dev/null
+++ b/metadata/glsa/glsa-202208-08.xml
@@ -0,0 +1,147 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202208-08">
+ <title>Mozilla Firefox: Multiple Vulnerabilities</title>
+ <synopsis>Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.</synopsis>
+ <product type="ebuild">firefox,firefox-bin</product>
+ <announced>2022-08-10</announced>
+ <revised count="1">2022-08-10</revised>
+ <bug>834631</bug>
+ <bug>834804</bug>
+ <bug>836866</bug>
+ <bug>842438</bug>
+ <bug>846593</bug>
+ <bug>849044</bug>
+ <bug>857045</bug>
+ <bug>861515</bug>
+ <access>remote</access>
+ <affected>
+ <package name="www-client/firefox" auto="yes" arch="*">
+ <unaffected range="ge" slot="esr">91.12.0</unaffected>
+ <unaffected range="ge" slot="rapid">103.0</unaffected>
+ <vulnerable range="lt" slot="rapid">103.0</vulnerable>
+ <vulnerable range="lt" slot="esr">91.12.0</vulnerable>
+ </package>
+ <package name="www-client/firefox-bin" auto="yes" arch="*">
+ <unaffected range="ge" slot="esr">91.12.0</unaffected>
+ <unaffected range="ge" slot="rapid">103.0</unaffected>
+ <vulnerable range="lt" slot="esr">91.12.0</vulnerable>
+ <vulnerable range="lt" slot="rapid">103.0</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>Mozilla Firefox is a popular open-source web browser from the Mozilla project.</p>
+ </background>
+ <description>
+ <p>Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details.</p>
+ </description>
+ <impact type="high">
+ <p>Please review the referenced CVE identifiers for details.</p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All Mozilla Firefox ESR users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=www-client/firefox-91.12.0:esr"
+ </code>
+
+ <p>All Mozilla Firefox ESR binary users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-91.12.0:esr"
+ </code>
+
+ <p>All Mozilla Firefox users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=www-client/firefox-103.0:rapid"
+ </code>
+
+ <p>All Mozilla Firefox binary users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-103.0:rapid"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0843">CVE-2022-0843</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-1196">CVE-2022-1196</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-1529">CVE-2022-1529</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-1802">CVE-2022-1802</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-1919">CVE-2022-1919</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-2200">CVE-2022-2200</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-2505">CVE-2022-2505</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-24713">CVE-2022-24713</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-26381">CVE-2022-26381</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-26382">CVE-2022-26382</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-26383">CVE-2022-26383</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-26384">CVE-2022-26384</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-26385">CVE-2022-26385</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-26386">CVE-2022-26386</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-26387">CVE-2022-26387</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-26485">CVE-2022-26485</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-26486">CVE-2022-26486</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-28281">CVE-2022-28281</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-28282">CVE-2022-28282</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-28283">CVE-2022-28283</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-28284">CVE-2022-28284</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-28285">CVE-2022-28285</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-28286">CVE-2022-28286</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-28287">CVE-2022-28287</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-28288">CVE-2022-28288</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-28289">CVE-2022-28289</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-29909">CVE-2022-29909</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-29910">CVE-2022-29910</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-29911">CVE-2022-29911</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-29912">CVE-2022-29912</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-29914">CVE-2022-29914</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-29915">CVE-2022-29915</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-29916">CVE-2022-29916</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-29917">CVE-2022-29917</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-29918">CVE-2022-29918</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-31736">CVE-2022-31736</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-31737">CVE-2022-31737</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-31738">CVE-2022-31738</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-31740">CVE-2022-31740</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-31741">CVE-2022-31741</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-31742">CVE-2022-31742</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-31743">CVE-2022-31743</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-31744">CVE-2022-31744</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-31745">CVE-2022-31745</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-31747">CVE-2022-31747</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-31748">CVE-2022-31748</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34468">CVE-2022-34468</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34469">CVE-2022-34469</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34470">CVE-2022-34470</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34471">CVE-2022-34471</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34472">CVE-2022-34472</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34473">CVE-2022-34473</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34474">CVE-2022-34474</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34475">CVE-2022-34475</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34476">CVE-2022-34476</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34477">CVE-2022-34477</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34478">CVE-2022-34478</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34479">CVE-2022-34479</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34480">CVE-2022-34480</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34481">CVE-2022-34481</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34482">CVE-2022-34482</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34483">CVE-2022-34483</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34484">CVE-2022-34484</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34485">CVE-2022-34485</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-36315">CVE-2022-36315</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-36316">CVE-2022-36316</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-36318">CVE-2022-36318</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-36319">CVE-2022-36319</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-36320">CVE-2022-36320</uri>
+ <uri>MFSA-2022-14</uri>
+ </references>
+ <metadata tag="requester" timestamp="2022-08-10T04:06:48.151092Z">ajak</metadata>
+ <metadata tag="submitter" timestamp="2022-08-10T04:06:48.153620Z">ajak</metadata>
+</glsa> \ No newline at end of file
diff --git a/metadata/glsa/glsa-202208-09.xml b/metadata/glsa/glsa-202208-09.xml
new file mode 100644
index 000000000000..e692833bfcdc
--- /dev/null
+++ b/metadata/glsa/glsa-202208-09.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202208-09">
+ <title>HashiCorp Consul: Multiple Vulnerabilities</title>
+ <synopsis>Multiple vulnerabilities have been discovered in HashiCorp Consul, the worst of which could result in denial of service.</synopsis>
+ <product type="ebuild">consul</product>
+ <announced>2022-08-10</announced>
+ <revised count="1">2022-08-10</revised>
+ <bug>760696</bug>
+ <bug>783483</bug>
+ <bug>802522</bug>
+ <bug>812497</bug>
+ <bug>834006</bug>
+ <bug>838328</bug>
+ <access>remote</access>
+ <affected>
+ <package name="app-admin/consul" auto="yes" arch="*">
+ <unaffected range="ge">1.9.17</unaffected>
+ <vulnerable range="lt">1.9.17</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>HashiCorp Consul is a tool for service discovery, monitoring and configuration.</p>
+ </background>
+ <description>
+ <p>Multiple vulnerabilities have been discovered in HashiCorp Consul. Please review the CVE identifiers referenced below for details.</p>
+ </description>
+ <impact type="low">
+ <p>Please review the referenced CVE identifiers for details.</p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All HashiCorp Consul users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-admin/consul-1.9.17"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25201">CVE-2020-25201</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25864">CVE-2020-25864</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28053">CVE-2020-28053</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28156">CVE-2021-28156</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-32574">CVE-2021-32574</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-36213">CVE-2021-36213</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38698">CVE-2021-38698</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-24687">CVE-2022-24687</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-29153">CVE-2022-29153</uri>
+ </references>
+ <metadata tag="requester" timestamp="2022-08-10T04:07:00.827758Z">ajak</metadata>
+ <metadata tag="submitter" timestamp="2022-08-10T04:07:00.832395Z">ajak</metadata>
+</glsa> \ No newline at end of file
diff --git a/metadata/glsa/glsa-202208-10.xml b/metadata/glsa/glsa-202208-10.xml
new file mode 100644
index 000000000000..17cef54e0664
--- /dev/null
+++ b/metadata/glsa/glsa-202208-10.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202208-10">
+ <title>Spice Server: Multiple Vulnerabilities</title>
+ <synopsis>Multiple vulnerabilities have been found in Spice Server, the worst of which may result in the remote execution of arbitrary code.</synopsis>
+ <product type="ebuild">spice</product>
+ <announced>2022-08-10</announced>
+ <revised count="1">2022-08-10</revised>
+ <bug>746920</bug>
+ <bug>792618</bug>
+ <access>remote</access>
+ <affected>
+ <package name="app-emulation/spice" auto="yes" arch="*">
+ <unaffected range="ge">0.15.0</unaffected>
+ <vulnerable range="lt">0.15.0</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>Provides a complete open source solution for remote access to virtual machines in a seamless way so you can play videos, record audio, share USB devices and share folders without complications.</p>
+ </background>
+ <description>
+ <p>Multiple vulnerabilities have been discovered in Spice Server, please review the CVE identifiers referenced below for details.</p>
+ </description>
+ <impact type="normal">
+ <p>Please review the referenced CVE identifiers for details.</p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All Spice Server users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-emulation/spice-0.15.0"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-14355">CVE-2021-14355</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20201">CVE-2021-20201</uri>
+ </references>
+ <metadata tag="requester" timestamp="2022-08-10T04:07:16.230391Z">ajak</metadata>
+ <metadata tag="submitter" timestamp="2022-08-10T04:07:16.235454Z">ajak</metadata>
+</glsa> \ No newline at end of file
diff --git a/metadata/glsa/glsa-202208-11.xml b/metadata/glsa/glsa-202208-11.xml
new file mode 100644
index 000000000000..b81aff9336a4
--- /dev/null
+++ b/metadata/glsa/glsa-202208-11.xml
@@ -0,0 +1,43 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202208-11">
+ <title>Yubico pam-u2f: Local PIN Bypass vulnerability</title>
+ <synopsis>A vulnerability has been discovered in pam-u2f which could allow a local attacker to bypass PIN entry.</synopsis>
+ <product type="ebuild">pam_u2f</product>
+ <announced>2022-08-10</announced>
+ <revised count="1">2022-08-10</revised>
+ <bug>792270</bug>
+ <access>local</access>
+ <affected>
+ <package name="sys-auth/pam_u2f" auto="yes" arch="*">
+ <unaffected range="ge">1.1.1</unaffected>
+ <vulnerable range="lt">1.1.1</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>Yubico pam-u2f is a PAM module for FIDO2 and U2F keys.</p>
+ </background>
+ <description>
+ <p>A logic issue in Yubico pam-u2f could result in the bypass of a PIN entry requirement when authenticating with FIDO2.</p>
+ </description>
+ <impact type="low">
+ <p>An attacker with local access to certain applications using pam-u2f for authentication could incorrectly successfully authenticate without entering the authentication PIN.</p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All Yubico pam-u2f users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=sys-auth/pam_u2f-1.1.1"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-31924">CVE-2021-31924</uri>
+ <uri>YSA-2021-03</uri>
+ </references>
+ <metadata tag="requester" timestamp="2022-08-10T04:07:59.824838Z">ajak</metadata>
+ <metadata tag="submitter" timestamp="2022-08-10T04:07:59.828973Z">ajak</metadata>
+</glsa> \ No newline at end of file
diff --git a/metadata/glsa/glsa-202208-12.xml b/metadata/glsa/glsa-202208-12.xml
new file mode 100644
index 000000000000..5cb982d78cf9
--- /dev/null
+++ b/metadata/glsa/glsa-202208-12.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202208-12">
+ <title>mdbtools: Multiple Vulnerabilities</title>
+ <synopsis>Multiple vulnerabilities have been discovered in mdbtools, the worst of which</synopsis>
+ <product type="ebuild">mdbtools</product>
+ <announced>2022-08-10</announced>
+ <revised count="1">2022-08-10</revised>
+ <bug>773289</bug>
+ <bug>830371</bug>
+ <access>remote</access>
+ <affected>
+ <package name="app-office/mdbtools" auto="yes" arch="*">
+ <unaffected range="ge">0.9.3</unaffected>
+ <vulnerable range="lt">0.9.3</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>mdbtools is a set of libraries and utilities for reading Microsoft Access database (MDB) files.</p>
+ </background>
+ <description>
+ <p>Multiple vulnerabilities have been discovered in mdbtools. Please review the CVE identifiers referenced below for details.</p>
+ </description>
+ <impact type="low">
+ <p>Please review the referenced CVE identifiers for details.</p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All mdbtools users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-office/mdbtools-0.9.3"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-45926">CVE-2021-45926</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-45927">CVE-2021-45927</uri>
+ </references>
+ <metadata tag="requester" timestamp="2022-08-10T04:08:26.317866Z">ajak</metadata>
+ <metadata tag="submitter" timestamp="2022-08-10T04:08:26.320752Z">ajak</metadata>
+</glsa> \ No newline at end of file
diff --git a/metadata/glsa/glsa-202208-13.xml b/metadata/glsa/glsa-202208-13.xml
new file mode 100644
index 000000000000..e0ce4d13456e
--- /dev/null
+++ b/metadata/glsa/glsa-202208-13.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202208-13">
+ <title>libass: Denial of service</title>
+ <synopsis>A vulnerability in libass could result in denial of service.</synopsis>
+ <product type="ebuild">libass</product>
+ <announced>2022-08-10</announced>
+ <revised count="1">2022-08-10</revised>
+ <bug>803119</bug>
+ <access>remote</access>
+ <affected>
+ <package name="media-libs/libass" auto="yes" arch="*">
+ <unaffected range="ge">0.15.1</unaffected>
+ <vulnerable range="lt">0.15.1</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>libass is a portable subtitle renderer for the ASS/SSA (Advanced Substation Alpha/Substation Alpha) subtitle format.</p>
+ </background>
+ <description>
+ <p>A one-byte buffer overwrite in ASS font decoding could trigger an assertion failure resulting in denial of service.</p>
+ </description>
+ <impact type="low">
+ <p>An attacker with control over the ASS track input to libass via an application using it could trigger a denial of service.</p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All libass users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-libs/libass-0.15.1"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-36430">CVE-2020-36430</uri>
+ </references>
+ <metadata tag="requester" timestamp="2022-08-10T04:08:39.534267Z">ajak</metadata>
+ <metadata tag="submitter" timestamp="2022-08-10T04:08:39.537350Z">ajak</metadata>
+</glsa> \ No newline at end of file
diff --git a/metadata/glsa/glsa-202208-14.xml b/metadata/glsa/glsa-202208-14.xml
new file mode 100644
index 000000000000..b9e3341e39a0
--- /dev/null
+++ b/metadata/glsa/glsa-202208-14.xml
@@ -0,0 +1,165 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202208-14">
+ <title>Mozilla Thunderbird: Multiple Vulnerabilities</title>
+ <synopsis>Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.</synopsis>
+ <product type="ebuild">thunderbird,thunderbird-bin</product>
+ <announced>2022-08-10</announced>
+ <revised count="1">2022-08-10</revised>
+ <bug>794085</bug>
+ <bug>802759</bug>
+ <bug>807943</bug>
+ <bug>811912</bug>
+ <bug>813501</bug>
+ <bug>822294</bug>
+ <bug>828539</bug>
+ <bug>831040</bug>
+ <bug>833520</bug>
+ <bug>834805</bug>
+ <bug>845057</bug>
+ <bug>846596</bug>
+ <bug>849047</bug>
+ <bug>857048</bug>
+ <bug>864577</bug>
+ <access>remote</access>
+ <affected>
+ <package name="mail-client/thunderbird" auto="yes" arch="*">
+ <unaffected range="ge">91.12.0</unaffected>
+ <vulnerable range="lt">91.12.0</vulnerable>
+ </package>
+ <package name="mail-client/thunderbird-bin" auto="yes" arch="*">
+ <unaffected range="ge">91.12.0</unaffected>
+ <vulnerable range="lt">91.12.0</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>Mozilla Thunderbird is a popular open-source email client from the Mozilla project.</p>
+ </background>
+ <description>
+ <p>Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details.</p>
+ </description>
+ <impact type="high">
+ <p>Please review the referenced CVE identifiers for details.</p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All Mozilla Thunderbird users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-91.12.0"
+ </code>
+
+ <p>All Mozilla Thunderbird binary users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-bin-91.12.0"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-4129">CVE-2021-4129</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-4140">CVE-2021-4140</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29967">CVE-2021-29967</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29969">CVE-2021-29969</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29970">CVE-2021-29970</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29976">CVE-2021-29976</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29980">CVE-2021-29980</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29984">CVE-2021-29984</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29985">CVE-2021-29985</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29986">CVE-2021-29986</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29988">CVE-2021-29988</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29989">CVE-2021-29989</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30547">CVE-2021-30547</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38492">CVE-2021-38492</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38493">CVE-2021-38493</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38495">CVE-2021-38495</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38503">CVE-2021-38503</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38504">CVE-2021-38504</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38506">CVE-2021-38506</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38507">CVE-2021-38507</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38508">CVE-2021-38508</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38509">CVE-2021-38509</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-40529">CVE-2021-40529</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-43528">CVE-2021-43528</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-43529">CVE-2021-43529</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-43536">CVE-2021-43536</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-43537">CVE-2021-43537</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-43538">CVE-2021-43538</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-43539">CVE-2021-43539</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-43541">CVE-2021-43541</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-43542">CVE-2021-43542</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-43543">CVE-2021-43543</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-43545">CVE-2021-43545</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-43546">CVE-2021-43546</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0566">CVE-2022-0566</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-1196">CVE-2022-1196</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-1197">CVE-2022-1197</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-1520">CVE-2022-1520</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-1529">CVE-2022-1529</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-1802">CVE-2022-1802</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-1834">CVE-2022-1834</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-2200">CVE-2022-2200</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-2226">CVE-2022-2226</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-22737">CVE-2022-22737</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-22738">CVE-2022-22738</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-22739">CVE-2022-22739</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-22740">CVE-2022-22740</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-22741">CVE-2022-22741</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-22742">CVE-2022-22742</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-22743">CVE-2022-22743</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-22745">CVE-2022-22745</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-22747">CVE-2022-22747</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-22748">CVE-2022-22748</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-22751">CVE-2022-22751</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-22754">CVE-2022-22754</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-22756">CVE-2022-22756</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-22759">CVE-2022-22759</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-22760">CVE-2022-22760</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-22761">CVE-2022-22761</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-22763">CVE-2022-22763</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-22764">CVE-2022-22764</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-24713">CVE-2022-24713</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-26381">CVE-2022-26381</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-26383">CVE-2022-26383</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-26384">CVE-2022-26384</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-26386">CVE-2022-26386</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-26387">CVE-2022-26387</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-26485">CVE-2022-26485</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-26486">CVE-2022-26486</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-28281">CVE-2022-28281</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-28282">CVE-2022-28282</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-28285">CVE-2022-28285</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-28286">CVE-2022-28286</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-28289">CVE-2022-28289</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-29909">CVE-2022-29909</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-29911">CVE-2022-29911</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-29912">CVE-2022-29912</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-29913">CVE-2022-29913</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-29914">CVE-2022-29914</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-29916">CVE-2022-29916</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-29917">CVE-2022-29917</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-31736">CVE-2022-31736</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-31737">CVE-2022-31737</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-31738">CVE-2022-31738</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-31740">CVE-2022-31740</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-31741">CVE-2022-31741</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-31742">CVE-2022-31742</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-31747">CVE-2022-31747</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34468">CVE-2022-34468</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34470">CVE-2022-34470</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34472">CVE-2022-34472</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34478">CVE-2022-34478</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34479">CVE-2022-34479</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34481">CVE-2022-34481</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34484">CVE-2022-34484</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-36318">CVE-2022-36318</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-36319">CVE-2022-36319</uri>
+ <uri>MOZ-2021-0007</uri>
+ <uri>MOZ-2021-0008</uri>
+ </references>
+ <metadata tag="requester" timestamp="2022-08-10T04:08:55.757755Z">ajak</metadata>
+ <metadata tag="submitter" timestamp="2022-08-10T04:08:55.760111Z">ajak</metadata>
+</glsa> \ No newline at end of file
diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk
index f2675942396d..a03a3a561952 100644
--- a/metadata/glsa/timestamp.chk
+++ b/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Wed, 10 Aug 2022 00:39:56 +0000
+Wed, 10 Aug 2022 06:39:56 +0000
diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit
index 3c24c45fc243..605b15893661 100644
--- a/metadata/glsa/timestamp.commit
+++ b/metadata/glsa/timestamp.commit
@@ -1 +1 @@
-911ba97fd465c36414fa2eb8a1fea31d4152990a 1659621622 2022-08-04T14:00:22+00:00
+8856093f804feeda5fe9097d49ba3307aaefc9c2 1660105056 2022-08-10T04:17:36+00:00
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-17 14:15:33 +0000