diff options
Diffstat (limited to 'metadata/glsa')
-rw-r--r-- | metadata/glsa/Manifest | 30 | ||||
-rw-r--r-- | metadata/glsa/Manifest.files.gz | bin | 448845 -> 448529 bytes | |||
-rw-r--r-- | metadata/glsa/glsa-201909-07.xml | 64 | ||||
-rw-r--r-- | metadata/glsa/glsa-201909-08.xml | 49 | ||||
-rw-r--r-- | metadata/glsa/timestamp.chk | 2 | ||||
-rw-r--r-- | metadata/glsa/timestamp.commit | 2 |
6 files changed, 17 insertions, 130 deletions
diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest index 052fe8c527a3..eba6cee644e5 100644 --- a/metadata/glsa/Manifest +++ b/metadata/glsa/Manifest @@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 448845 BLAKE2B 24feded351e2c02762000f35c6c58ac935b2383bf6acdd7450f974e16e15fe0935d3f657233d5cd4ab87639ad5f410b8ea36fd5c019b93bfbfc47983ef01dbdc SHA512 569d13495f7e4953afefd29435d7953d3afa1815ae86459c1f4f84726efaaedc5598835f415738d792d2d1060be50cf8ad9140b7fcf124dd7f9ea681a55957ab -TIMESTAMP 2019-09-13T15:38:53Z +MANIFEST Manifest.files.gz 448529 BLAKE2B 70fc5fdf3704f2b7ec0033da58e9dba173720d87011ed4a8c13796a79ab719c338f43528d1a392475f724b87e95f6e187b39a6f6e92d64f4882d0f0004bffa24 SHA512 53832aafadeff79f44632a74dc19ba49106055cc3a8017511025ef2e4ca2499a5d5154766e4957167240e37b7e0bfd956e305d79053c82988ad80b673f006f8c +TIMESTAMP 2019-09-07T23:09:08Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAl17uA1fFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAl10OJRfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klAjVQ//bD8cLNl1zt+X0PUT3N5fZE1gryFA0wROI1L/RZCzfmEnO+kkRe813toE -cFF6NgR6PusF4qkPU9UbzkNWYbfZoMaZkJjds1WZdfu+pWD+QPRNcUOPDOI/ZJZ6 -zRTmDB4/U2J/TEZeFQIFPypP4+S3sL1n1MBGiluGm4m4y0hu3WFBiuH5Lh/pk+MA -W6zvXRFU8Cv32OkdAlnc1cJHamfua04HnSKt+2xgpAl+tMPZYuHZOHziYmkgPTyr -p3tzcrgjNRAHkNQyd9cfTw9LcG1zl/7QkT8cInIx1z83gM4l9FaUsVt56vLhSOW0 -a1ATf2IMWP0eRP2gsKArKplJL4sshYdGPAosn0RODs00K2Es3qkG+jHm5IAFjDhx -SDJlpkXUfXgkf8jnbLq9O27XmXXS8FbTPg5ScLJcjwNc8x2ZwSC8jo5TrOelfNZg -QcJg8eqq+kgi3PL6cmH2V28HW9p6CRG7HFUlOhuBEu1DB8HSpDwUOM4wShByedE3 -Gf6pLHyLlYRTavHUAsyQuH13G6Yx41yyqbEM5SLdOZ8HYJZ4UKKGUC571PIxrrbG -ALeNU9tvH2x6hV8hZWld0i09GS17XRvPF++Lj4FiZwEEgqQUKdZ0dxcoY7F6Pi0c -zLKv87opDBnQlf/jqVqiFhnG1lUn6skN2Z/HKqhkcrxTvxc31es= -=57cW +klCN8A//SkpChS4L4qFkiOHwjHf4wtUIa7szn1dux34X7fyb3W/5uXdyyRqCarK9 +X9Y8yqKkKUWBTRP195IsRMn76nJD0AwX2v5sKvOEsJJjCMD3Ka8uxKJqb1V23JXM +LXn0/cqFJHQCfVnZvNLQUCOg5TJEtKZQJVEojFwpicB8usWdGrvk0tuxi81bLbOB ++1ekRMfKy3Ik2sdMWKrowEoeoicOcbYTi7yGT+z8YceVIku+pDeq0Tbj8jvfOYdf +sdo5pPJeqYFk788zYELBpUGAfM1RkMTv3uuTdQ6bIjNnjb0cp2TP62oSoEYWOWDg +qh2Ts+j7As00AGtxjq6zv2jQj03rugy3aiz9FvEhR7aLh+acYgD66Lale9QXnHa+ +SLiA22EOXIuACTnFZr0E/IdZGU/KG3QFr2EKCmsupUVxiUINM/Ypz73bmbi6lEIW +7/ziqcDqYBMmxTcZg5x3gyqrOU/Na/nXEJZ3dLyA7zCtkgts+W4+oh2Iwm9Vcajn +FTHp0D0ep4hAv505JGUEKPv8tBsU4tmcdjbcpKBXaAF10OU4bkEJd3hzvcNTqrim +0V1YIj482yNYDWuQEOrru5yBRXrZj9nr+yAkW/sqGvH5zCSAeuMxOKTvzHlO1p1p +tEizdnKAB6hB3tFjgiF/JMZkDxx3+pMYoTnu57m0KQUjlcVTboo= +=V6QD -----END PGP SIGNATURE----- diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz Binary files differindex e80a943da59d..81138f54ea78 100644 --- a/metadata/glsa/Manifest.files.gz +++ b/metadata/glsa/Manifest.files.gz diff --git a/metadata/glsa/glsa-201909-07.xml b/metadata/glsa/glsa-201909-07.xml deleted file mode 100644 index a91111969542..000000000000 --- a/metadata/glsa/glsa-201909-07.xml +++ /dev/null @@ -1,64 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> -<glsa id="201909-07"> - <title>Simple DirectMedia Layer: Multiple vulnerabilities</title> - <synopsis>Multiple vulnerabilities have been found in Simple DirectMedia - Layer, the worst of which could result in the arbitrary execution of code. - </synopsis> - <product type="ebuild">libsdl2</product> - <announced>2019-09-08</announced> - <revised count="1">2019-09-08</revised> - <bug>690064</bug> - <bug>692392</bug> - <access>remote</access> - <affected> - <package name="media-libs/libsdl2" auto="yes" arch="*"> - <unaffected range="ge">2.0.10</unaffected> - <vulnerable range="lt">2.0.10</vulnerable> - </package> - </affected> - <background> - <p>Simple DirectMedia Layer is a cross-platform development library - designed to provide low level access to audio, keyboard, mouse, joystick, - and graphics hardware via OpenGL and Direct3D. - </p> - </background> - <description> - <p>Multiple vulnerabilities have been discovered in Simple DirectMedia - Layer. Please review the CVE identifiers referenced below for details. - </p> - </description> - <impact type="normal"> - <p>A remote attacker could entice a user to process a specially crafted - audio or video, possibly resulting in execution of arbitrary code with - the privileges of the process or a Denial of Service condition. - </p> - </impact> - <workaround> - <p>There is no known workaround at this time.</p> - </workaround> - <resolution> - <p>All Simple DirectMedia Layer users should upgrade to the latest version:</p> - - <code> - # emerge --sync - # emerge --ask --oneshot --verbose ">=media-libs/libsdl2-2.0.10" - </code> - - </resolution> - <references> - <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-13626">CVE-2019-13626</uri> - <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7572">CVE-2019-7572</uri> - <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7573">CVE-2019-7573</uri> - <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7574">CVE-2019-7574</uri> - <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7575">CVE-2019-7575</uri> - <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7576">CVE-2019-7576</uri> - <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7577">CVE-2019-7577</uri> - <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7578">CVE-2019-7578</uri> - <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7635">CVE-2019-7635</uri> - <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7636">CVE-2019-7636</uri> - <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7638">CVE-2019-7638</uri> - </references> - <metadata tag="requester" timestamp="2019-09-07T00:08:23Z">b-man</metadata> - <metadata tag="submitter" timestamp="2019-09-08T17:40:28Z">b-man</metadata> -</glsa> diff --git a/metadata/glsa/glsa-201909-08.xml b/metadata/glsa/glsa-201909-08.xml deleted file mode 100644 index 7f2b35906305..000000000000 --- a/metadata/glsa/glsa-201909-08.xml +++ /dev/null @@ -1,49 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> -<glsa id="201909-08"> - <title>D-Bus: Authentication bypass</title> - <synopsis>An authentication bypass was discovered in D-Bus.</synopsis> - <product type="ebuild">dbus</product> - <announced>2019-09-08</announced> - <revised count="1">2019-09-08</revised> - <bug>687900</bug> - <access>local</access> - <affected> - <package name="sys-apps/dbus" auto="yes" arch="*"> - <unaffected range="ge">1.12.16</unaffected> - <vulnerable range="lt">1.12.16</vulnerable> - </package> - </affected> - <background> - <p>D-Bus is a message bus system which processes can use to talk to each - other. - </p> - </background> - <description> - <p>It was discovered that a local attacker could manipulate symbolic links - in their own home directory to bypass authentication and connect to a - DBusServer with elevated privileges. - </p> - </description> - <impact type="normal"> - <p>A local attacker can bypass authentication mechanisms and elevate - privileges. - </p> - </impact> - <workaround> - <p>There is no known workaround at this time.</p> - </workaround> - <resolution> - <p>All D-Bus users should upgrade to the latest version:</p> - - <code> - # emerge --sync - # emerge --ask --oneshot --verbose ">=sys-apps/dbus-1.12.16" - </code> - </resolution> - <references> - <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-12749">CVE-2019-12749</uri> - </references> - <metadata tag="requester" timestamp="2019-09-07T17:12:55Z">b-man</metadata> - <metadata tag="submitter" timestamp="2019-09-08T17:40:45Z">b-man</metadata> -</glsa> diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk index 3a35c43b0add..36c3392d5556 100644 --- a/metadata/glsa/timestamp.chk +++ b/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Fri, 13 Sep 2019 15:38:50 +0000 +Sat, 07 Sep 2019 23:09:04 +0000 diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit index 933a7041a478..82f2e1957979 100644 --- a/metadata/glsa/timestamp.commit +++ b/metadata/glsa/timestamp.commit @@ -1 +1 @@ -0d8b041795d355b2f8da9b84725a62150a91dc13 1567964538 2019-09-08T17:42:18+00:00 +68b71b2cbc79a9ef9e8701eb09586b9f2f9eb7b2 1567815781 2019-09-07T00:23:01+00:00 |