diff options
Diffstat (limited to 'metadata/glsa')
-rw-r--r-- | metadata/glsa/Manifest | 30 | ||||
-rw-r--r-- | metadata/glsa/Manifest.files.gz | bin | 417870 -> 418049 bytes | |||
-rw-r--r-- | metadata/glsa/glsa-200507-28.xml | 2 | ||||
-rw-r--r-- | metadata/glsa/glsa-200512-16.xml | 2 | ||||
-rw-r--r-- | metadata/glsa/glsa-201006-18.xml | 2 | ||||
-rw-r--r-- | metadata/glsa/glsa-201803-05.xml | 101 | ||||
-rw-r--r-- | metadata/glsa/timestamp.chk | 2 | ||||
-rw-r--r-- | metadata/glsa/timestamp.commit | 2 |
8 files changed, 121 insertions, 20 deletions
diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest index b7267268126c..bd3a8b2b9889 100644 --- a/metadata/glsa/Manifest +++ b/metadata/glsa/Manifest @@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 417870 BLAKE2B 5065b7b9f6a96f86bf5abd010e56c6e80ea6e4c69ded7bea498bd5905b65effbae954175f68157189d42be8287232bc8ecabbe86115cb331cde9dc1246a35750 SHA512 e1fab6a999acc784d0c5597fc2bfabdd9ef83ae65ef7b5c1a4101d3f3f8041354340f6c5964f9aae4129d9150fdf2da2ad3b336198034e9d7bd904feaab65bf6 -TIMESTAMP 2018-03-13T16:08:15Z +MANIFEST Manifest.files.gz 418049 BLAKE2B a3e82a397312cf762e5cda25564d440a2b3aecaa5aaa703bf956b60cecc8465221f566829e94822d9c1453675eb2846f013d89579e6c62c3c38ae184e7b9f98e SHA512 23b3a75e9e75b69bd5906e842a32dfa2ce18c0384359a6fc950c0d89c337ede1766f040f5accdac618d7d1d758c7068653796d64371f385e712efb90a2e82b8d +TIMESTAMP 2018-03-17T23:08:22Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAlqn929fFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAlqtn+ZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klDahA//b1RhsPfj9OKb4b0EylBR1I5d3grRGF1FIWcDNrOAXaIzIdTkEeNbKc4H -QGk7VQbOKBey9cj8Kd1896KtvG1cRXiZVHsjLC2k1ToCNbDTM2lPTk3+ybQdA/nC -fOfRdNWR0zt+TJ6n1mZE6MsNxA/WQTIs/Q8lRwdUaaHVKvsM5oEh52Cwp7WTA1lK -FkHF9estJfWWQnZtVgDc9Qik0bI/CwZPZiSIr7Ew0yoUKhrxv3nHeqbB5me2fU+9 -w0zBW4GksEkbPlvqG2bdecuqtG2DtKOLRFegpoaQ2/UCPwICMdw3es2wIAgZViLs -S6inH2XluDPiEgs+4D+pf1LWt2e3c3xCzIuCG+3I0iDQUzkqk5aPkHGVAXXmHoe2 -WO00h/Hosv1hEMXm1N73c7tTF9czvBRBLCvMFzuHgf7xgPVXZLJWX5Al6kQdmQiR -H+iLGfQ9xX76lro6o+v9QWw7GuWUnrDpaqwstOTErr51pYUDR5q76W/4wwLIIEOx -kl8bWMfEKx1uWvAgSUuIpIJRJqfaOimeFaGr7Pf5KVbvitjqDyGF6ebjwgKfZ3fF -9wwOk6fQvpTmpC6RVJNaf0jyySf5uP02PT9jMTJeyK9e0FcPJx1oFNvqPHI8BdTR -zpAeJfKyCc7mbVuRy2qq9DHtLAVuaJsm07x9H/ilxxt7yvPXIco= -=PlZa +klC4/BAAry6B8HUOo8uum9CqObD8/d8Kxl1OK81BANppejCSjNV/GzCScDmQTmDz +M5kUQRwy2VKGuv3wvOOOMCXW5VOYID4nzGIenk8uw9zmhBA+WHH4hiBajorfCWT8 +O7/OUa+ZLRfrAGxi4xElCr61hgeGRU0JoofSR+z+8HydcbvsmBtT8TqxOqYKFOIl +de4Vs4+BvSBnxKUlVECYm/3J5aZPAItGAgjKCYr/KsDReeOb/YxF236aum46SF1b +TFLqWl83BMRdXQ78jwupP0OGvDRkn5Be9SUFlyKhP+0Eav8H53QnRaqdZbN8g9Hh +0+BWGED7aJW/0AcQiD2Pn9IM6iiOn774HnlGdoPdac3fk+z69zXcKKFxso6ZPXQV +Bd+H6LrfVlT+YGDcFXiOc0XxnGHkYqqLaBnvfgXk3TskUOinQWsSA77HDvJmNcna +WD8tOUhBEelFtSWPWax8xwo3FMzHDY4i5FJsWZNxbWejbx2H3/Med+empOZnIJTL +FZG3pTrr1CivlstYXjnXkNU79F+K+p3d8/RrVxf9IJHOQ/yWhpXhFFElXidpB1or +ajA+Q5TISkHEezZP8sxc5HCnbU/igpnYOIR8Vaujtqd+1DysSRGzu1vFCsQXXDeM +te0hUaazrCGpDHjehBlPDr/aTXmIHAT5r28qKcFJ9mo1vF54OyM= +=30bJ -----END PGP SIGNATURE----- diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz Binary files differindex b6ba86246c9d..126487115776 100644 --- a/metadata/glsa/Manifest.files.gz +++ b/metadata/glsa/Manifest.files.gz diff --git a/metadata/glsa/glsa-200507-28.xml b/metadata/glsa/glsa-200507-28.xml index 3b12ec9974fd..fe1515499e55 100644 --- a/metadata/glsa/glsa-200507-28.xml +++ b/metadata/glsa/glsa-200507-28.xml @@ -12,7 +12,7 @@ <bug>100686</bug> <access>remote</access> <affected> - <package name="app-emulation/emul-linux-x86-baselibs" auto="yes" arch="AMD64"> + <package name="app-emulation/emul-linux-x86-baselibs" auto="yes" arch="amd64"> <unaffected range="ge">2.1.2</unaffected> <vulnerable range="lt">2.1.2</vulnerable> </package> diff --git a/metadata/glsa/glsa-200512-16.xml b/metadata/glsa/glsa-200512-16.xml index c9628ab9364d..d1fd1664d4d3 100644 --- a/metadata/glsa/glsa-200512-16.xml +++ b/metadata/glsa/glsa-200512-16.xml @@ -18,7 +18,7 @@ <unaffected range="rge">2.1.30-r13</unaffected> <vulnerable range="lt">2.2.3-r8</vulnerable> </package> - <package name="app-emulation/emul-linux-x86-xlibs" auto="yes" arch="AMD64"> + <package name="app-emulation/emul-linux-x86-xlibs" auto="yes" arch="amd64"> <unaffected range="ge">2.2.1</unaffected> <vulnerable range="lt">2.2.1</vulnerable> </package> diff --git a/metadata/glsa/glsa-201006-18.xml b/metadata/glsa/glsa-201006-18.xml index 29392d117c3c..bbd423cef309 100644 --- a/metadata/glsa/glsa-201006-18.xml +++ b/metadata/glsa/glsa-201006-18.xml @@ -125,7 +125,7 @@ <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0850">CVE-2010-0850</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0886">CVE-2010-0886</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0887">CVE-2010-0887</uri> - <uri link="/doc/en/java.xml#doc_chap4">Gentoo Linux Java documentation</uri> + <uri link="https://wiki.gentoo.org/wiki/Java">Gentoo Linux Java documentation</uri> <uri link="https://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html">Oracle Java SE and Java for Business Critical Patch Update Advisory - March 2010</uri> </references> <metadata tag="requester" timestamp="2010-04-02T09:43:04Z"> diff --git a/metadata/glsa/glsa-201803-05.xml b/metadata/glsa/glsa-201803-05.xml new file mode 100644 index 000000000000..4feb90ed0823 --- /dev/null +++ b/metadata/glsa/glsa-201803-05.xml @@ -0,0 +1,101 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="201803-05"> + <title>Chromium, Google Chrome: Multiple vulnerabilities</title> + <synopsis>Multiple vulnerabilities have been found in Chromium and Google + Chrome, the worst of which could result in the execution of arbitrary code. + </synopsis> + <product type="ebuild">chromium, google-chrome</product> + <announced>2018-03-13</announced> + <revised count="2">2018-03-13</revised> + <bug>649800</bug> + <access>local, remote</access> + <affected> + <package name="www-client/chromium" auto="yes" arch="*"> + <unaffected range="ge">65.0.3325.146</unaffected> + <vulnerable range="lt">65.0.3325.146</vulnerable> + </package> + <package name="www-client/google-chrome" auto="yes" arch="*"> + <unaffected range="ge">65.0.3325.146</unaffected> + <vulnerable range="lt">65.0.3325.146</vulnerable> + </package> + </affected> + <background> + <p>Chromium is an open-source browser project that aims to build a safer, + faster, and more stable way for all users to experience the web. + </p> + + <p>Google Chrome is one fast, simple, and secure browser for all your + devices. + </p> + + </background> + <description> + <p>Multiple vulnerabilities have been discovered in Chromium and Google + Chrome. Please review the referenced CVE identifiers and Google Chrome + Releases for details. + </p> + + </description> + <impact type="normal"> + <p>A remote attacker could possibly execute arbitrary code with the + privileges of the process, cause a Denial of Service condition, bypass + content security controls, or conduct URL spoofing. + </p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All Chromium users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose + ">=www-client/chromium-65.0.3325.146" + </code> + + <p>All Google Chrome users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose + ">=www-client/google-chrome-65.0.3325.146" + </code> + + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6057">CVE-2018-6057</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6058">CVE-2018-6058</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6059">CVE-2018-6059</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6060">CVE-2018-6060</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6061">CVE-2018-6061</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6062">CVE-2018-6062</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6063">CVE-2018-6063</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6064">CVE-2018-6064</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6065">CVE-2018-6065</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6066">CVE-2018-6066</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6067">CVE-2018-6067</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6068">CVE-2018-6068</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6069">CVE-2018-6069</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6070">CVE-2018-6070</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6071">CVE-2018-6071</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6072">CVE-2018-6072</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6073">CVE-2018-6073</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6074">CVE-2018-6074</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6075">CVE-2018-6075</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6076">CVE-2018-6076</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6077">CVE-2018-6077</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6078">CVE-2018-6078</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6079">CVE-2018-6079</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6080">CVE-2018-6080</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6081">CVE-2018-6081</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6082">CVE-2018-6082</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6083">CVE-2018-6083</uri> + <uri link="https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"> + Google Chrome Release 20180306 + </uri> + </references> + <metadata tag="requester" timestamp="2018-03-10T18:57:32Z">chrisadr</metadata> + <metadata tag="submitter" timestamp="2018-03-13T20:58:50Z">chrisadr</metadata> +</glsa> diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk index 0a8ed9c15796..c03a51db858b 100644 --- a/metadata/glsa/timestamp.chk +++ b/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Tue, 13 Mar 2018 16:08:11 +0000 +Sat, 17 Mar 2018 23:08:18 +0000 diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit index ae3297387e20..531345869884 100644 --- a/metadata/glsa/timestamp.commit +++ b/metadata/glsa/timestamp.commit @@ -1 +1 @@ -a3a9d59f86ebf5d6e6d86f34addc40bfcfe72e5a 1520785907 2018-03-11T16:31:47+00:00 +34ad30cce52efe764ba4081474d36b99763811a1 1520983028 2018-03-13T23:17:08+00:00 |