summaryrefslogtreecommitdiff
path: root/metadata/glsa
diff options
context:
space:
mode:
Diffstat (limited to 'metadata/glsa')
-rw-r--r--metadata/glsa/Manifest30
-rw-r--r--metadata/glsa/Manifest.files.gzbin524963 -> 525759 bytes
-rw-r--r--metadata/glsa/glsa-202209-01.xml56
-rw-r--r--metadata/glsa/glsa-202209-02.xml48
-rw-r--r--metadata/glsa/glsa-202209-03.xml46
-rw-r--r--metadata/glsa/glsa-202209-04.xml45
-rw-r--r--metadata/glsa/glsa-202209-05.xml153
-rw-r--r--metadata/glsa/timestamp.chk2
-rw-r--r--metadata/glsa/timestamp.commit2
9 files changed, 365 insertions, 17 deletions
diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest
index a84a3100862e..cc1a62987b43 100644
--- a/metadata/glsa/Manifest
+++ b/metadata/glsa/Manifest
@@ -1,23 +1,23 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
-MANIFEST Manifest.files.gz 524963 BLAKE2B 63a134310988775e80829f8df76e35bc7a36e500f38a02043ac51f423c095de0df8392b4c21b862e8aa1190811e33352db519f38ea643efbc71bfe95d975b6e6 SHA512 bc7c3b57f8c76fb5c8bdb7acf957ff1b9ee261e5de3501606b4991af3973817d95ec173a706003dbfebc5f22f084a39d16aa1dc3ca8f09463ac655d04f93d120
-TIMESTAMP 2022-09-07T02:40:03Z
+MANIFEST Manifest.files.gz 525759 BLAKE2B 487aaba91a7a713d59ac9586bbe0ffaeb7bf01fde9781422d78f1d1e009e745a8cea346fbefedc07f275060c3798240f56799ae9f182d10305c04a36eac8db25 SHA512 9ad37d1ae3ef248f0c465e37bce58b95e6f9da024c5d52c9ede183ff971546b15abed0e4dd4ca83a4f69fd2c722ad188eb583dd8d8337d8d99ae3e7c776b7da4
+TIMESTAMP 2022-09-07T08:40:02Z
-----BEGIN PGP SIGNATURE-----
-iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmMYBINfFIAAAAAALgAo
+iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmMYWOJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
-klAnPA//Ulvjlw2EaJJk8dqQnIQ2/EYXLwEr+st8897pODXOvQHaGufqLsXYJGpf
-0PJeyR0XH11OiDeMQ1nj0/T/V9nBPtUmHiVUx61xfDn5clivTMLCyAWlq4Qjuo1F
-k1SyccB/7g7YMnJLx+kl2OCWuPpTz9CtthADe+db1f+CZ+dA1mSgbwBCW/ZGPzCR
-oO7FRjFq2WgJuWglXuknTYcH456dxARPe4tfpSZ66ULtbcQOGX1JHX8OHsyGsVIk
-mRT0e6bqOFsDryUi3r25eByh346BGKvnR36uFuofI1b2D5JbFgvV0b4r2RpcHhIC
-EVpDQp7uIDyiWl8rzl08FpMau6EpBHDQDJISkaFa/bHkjxhVFndyHg+3bAYqd0f8
-qwFY1H40mOoINH7JJU21JliHdI1wSWkQICfePspS8I7fo0iNukDNPyazFI4z2gKP
-Cp5GSA1iuSZxDXCN7HbGrbSblMva1CVykcAf4+KKljJLg1t2fVynClV5Tn0xsIPn
-z8yPw74qwhVWLMNiQN2+wAPIE41xVAFpnrjL9qM4kEnK2iv4vyaiE5oud1KcTATr
-YBXTiipP1Yu5ffeBMbwLhJjtbTqeB7TqoWyxoJcNoBzAz9nF0tL4S0FhCaly4kYV
-e0vTCz3oPfndHgP66OvJWs9B4cucqcoHcPKLiazfOi4x5SRdXIM=
-=Lv2u
+klAJ2Q/5AR3UaVRADMa1Mvz2pNx6b9Cn6Gfm3sZhcJpu984Ch0FObJKEkfKb2mdt
+tlkuIpb1oAX2N2+4KEwnxZ1DAOzjKqN3WuUVIowToYVqggvDwCNukYHZTvpTHvD/
+rT9BUF7HDYPwocIMEVdbcDGUTQoaAmQjheuBSHWKqzz3z3dfQ/RHGDomjKTgIum1
+iIIcv3ROjN/WMPhrjrwbqlys5FEd60glBDmE2ctpx3XLXdaWUV8vh/lOni6WNkWG
++66k/Ke9ceEqLZGzy7jKV8tIzclOcGBgW5DMCoL3s95YRazOBHVpMLtHu76TXoX7
+oLOFdJdbm/RGcw2ia1BOe3g9ueVljSrqoWIsdVERmcNm5ykcUW4kHQ9vq4P8frr9
+wUiDC1Bj0tA0WblECKCMQaUW8WddtbBp1leQE5MaCYg9alT/mMDqsB+/bpX8zuSq
+kxGScB/yFZXLtskXMXZIxNBjBu3XMHVJu0SZt4SwHGG4u8HwsMbds9WhuDbCfDkY
+MD9SYodIodbpcuMOR2haGntgQ45FRWdODZ2+ZSNeRshHICkXPwt0BHQUp4Dg8QcE
+v0VKZ0M/4oUeDz77ZgV26X4UAHVOvcOQbrfLCGok5fzgDPGvAb8X9IqddxWdwn3g
+/7CiZL2gzp9b8FUhb2gyyi2O3w44wmMuMUW/TtwPsO0PRnBtqE4=
+=r1cR
-----END PGP SIGNATURE-----
diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz
index cf5c31bb2c19..7ecc60fdbad4 100644
--- a/metadata/glsa/Manifest.files.gz
+++ b/metadata/glsa/Manifest.files.gz
Binary files differ
diff --git a/metadata/glsa/glsa-202209-01.xml b/metadata/glsa/glsa-202209-01.xml
new file mode 100644
index 000000000000..1fdcaf71f0c1
--- /dev/null
+++ b/metadata/glsa/glsa-202209-01.xml
@@ -0,0 +1,56 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202209-01">
+ <title>GNU Gzip, XZ Utils: Arbitrary file write</title>
+ <synopsis>A vulnerability has been discovered in GNU Gzip and XZ Utils&#39; grep helpers which could result in writes to arbitrary files.</synopsis>
+ <product type="ebuild">gzip,xz-utils</product>
+ <announced>2022-09-07</announced>
+ <revised count="1">2022-09-07</revised>
+ <bug>837152</bug>
+ <bug>837155</bug>
+ <access>remote</access>
+ <affected>
+ <package name="app-arch/gzip" auto="yes" arch="*">
+ <unaffected range="ge">1.12</unaffected>
+ <vulnerable range="lt">1.12</vulnerable>
+ </package>
+ <package name="app-arch/xz-utils" auto="yes" arch="*">
+ <unaffected range="ge">5.2.5</unaffected>
+ <vulnerable range="lt">5.2.5</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>GNU Gzip is a popular data compression program.
+
+XZ Utils is free general-purpose data compression software with a high compression ratio.</p>
+ </background>
+ <description>
+ <p>GNU Gzip and XZ Utils&#39; grep helpers do not sufficiently validate certain multi-line file names.</p>
+ </description>
+ <impact type="high">
+ <p>In some cases, writing to arbitrary files such as shell initialization files can be escalation to remote code execution.</p>
+ </impact>
+ <workaround>
+ <p>Ensuring only trusted input is passed to GNU Gzip and XZ Utils&#39; grep helpers minimizes the potential impact.</p>
+ </workaround>
+ <resolution>
+ <p>All GNU Gzip users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-arch/gzip-1.12"
+ </code>
+
+ <p>All XZ Utils users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-arch/xz-utils-5.2.5"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-1271">CVE-2022-1271</uri>
+ </references>
+ <metadata tag="requester" timestamp="2022-09-07T02:51:56.494624Z">ajak</metadata>
+ <metadata tag="submitter" timestamp="2022-09-07T02:51:56.504364Z">ajak</metadata>
+</glsa> \ No newline at end of file
diff --git a/metadata/glsa/glsa-202209-02.xml b/metadata/glsa/glsa-202209-02.xml
new file mode 100644
index 000000000000..2c7d26523d17
--- /dev/null
+++ b/metadata/glsa/glsa-202209-02.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202209-02">
+ <title>IBM Spectrum Protect: Multiple Vulnerabilities</title>
+ <synopsis>Multiple vulnerabilities have been discovered in IBM Spectrum Protect, the worst of which could result in arbitrary code execution.</synopsis>
+ <product type="ebuild">tsm</product>
+ <announced>2022-09-07</announced>
+ <revised count="1">2022-09-07</revised>
+ <bug>788115</bug>
+ <bug>829189</bug>
+ <bug>831509</bug>
+ <access>remote</access>
+ <affected>
+ <package name="app-backup/tsm" auto="yes" arch="*">
+ <unaffected range="ge">8.1.13.3</unaffected>
+ <vulnerable range="lt">8.1.13.3</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>TSM provides the client and the API for IBM Spectrum Protect (formerly known as Tivoli Storage Manager), a backup and archival client/server solution targetting large tape libraries.</p>
+ </background>
+ <description>
+ <p>Multiple vulnerabilities have been discovered in IBM Spectrum Protect. Please review the CVE identifiers referenced below for details.</p>
+ </description>
+ <impact type="high">
+ <p>Please review the referenced CVE identifiers for details.</p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All IBM Spectrum Protect users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-backup/tsm-8.1.13.3"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3711">CVE-2021-3711</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3712">CVE-2021-3712</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-4104">CVE-2021-4104</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29672">CVE-2021-29672</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-39048">CVE-2021-39048</uri>
+ </references>
+ <metadata tag="requester" timestamp="2022-09-07T02:52:10.543581Z">ajak</metadata>
+ <metadata tag="submitter" timestamp="2022-09-07T02:52:10.548069Z">ajak</metadata>
+</glsa> \ No newline at end of file
diff --git a/metadata/glsa/glsa-202209-03.xml b/metadata/glsa/glsa-202209-03.xml
new file mode 100644
index 000000000000..c3b22e3de08c
--- /dev/null
+++ b/metadata/glsa/glsa-202209-03.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202209-03">
+ <title>OpenSC: Multiple Vulnerabilities</title>
+ <synopsis>Multiple vulnerabilities have been discovered in OpenSC, the worst of which could result in the execution of arbitrary code.</synopsis>
+ <product type="ebuild">opensc</product>
+ <announced>2022-09-07</announced>
+ <revised count="1">2022-09-07</revised>
+ <bug>839357</bug>
+ <access>remote</access>
+ <affected>
+ <package name="dev-libs/opensc" auto="yes" arch="*">
+ <unaffected range="ge">0.22.0</unaffected>
+ <vulnerable range="lt">0.22.0</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>OpenSC contains tools and libraries for smart cards.</p>
+ </background>
+ <description>
+ <p>Multiple vulnerabilities have been discovered in OpenSC. Please review the CVE identifiers referenced below for details.</p>
+ </description>
+ <impact type="normal">
+ <p>Please review the referenced CVE identifiers for details.</p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All OpenSC users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-libs/opensc-0.22.0"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-42778">CVE-2021-42778</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-42779">CVE-2021-42779</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-42780">CVE-2021-42780</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-42781">CVE-2021-42781</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-42782">CVE-2021-42782</uri>
+ </references>
+ <metadata tag="requester" timestamp="2022-09-07T02:52:29.199741Z">ajak</metadata>
+ <metadata tag="submitter" timestamp="2022-09-07T02:52:29.203955Z">ajak</metadata>
+</glsa> \ No newline at end of file
diff --git a/metadata/glsa/glsa-202209-04.xml b/metadata/glsa/glsa-202209-04.xml
new file mode 100644
index 000000000000..9933cc2cc610
--- /dev/null
+++ b/metadata/glsa/glsa-202209-04.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202209-04">
+ <title>OpenJPEG: Multiple Vulnerabilities</title>
+ <synopsis>Multiple vulnerabilities have been discovered in OpenJPEG, the worst of which could result in arbitrary code execution.</synopsis>
+ <product type="ebuild">openjpeg</product>
+ <announced>2022-09-07</announced>
+ <revised count="1">2022-09-07</revised>
+ <bug>783513</bug>
+ <bug>836969</bug>
+ <bug>844064</bug>
+ <access>remote</access>
+ <affected>
+ <package name="media-libs/openjpeg" auto="yes" arch="*">
+ <unaffected range="ge">2.5.0</unaffected>
+ <vulnerable range="lt">2.5.0</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>OpenJPEG is an open-source JPEG 2000 library.</p>
+ </background>
+ <description>
+ <p>Multiple vulnerabilities have been discovered in OpenJPEG. Please review the CVE identifiers referenced below for details.</p>
+ </description>
+ <impact type="normal">
+ <p>Please review the referenced CVE identifiers for details.</p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All OpenJPEG 2 users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-libs/openjpeg-2.5.0"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29338">CVE-2021-29338</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-1122">CVE-2022-1122</uri>
+ </references>
+ <metadata tag="requester" timestamp="2022-09-07T02:52:40.959934Z">ajak</metadata>
+ <metadata tag="submitter" timestamp="2022-09-07T02:52:40.964269Z">ajak</metadata>
+</glsa> \ No newline at end of file
diff --git a/metadata/glsa/glsa-202209-05.xml b/metadata/glsa/glsa-202209-05.xml
new file mode 100644
index 000000000000..f418dacf8484
--- /dev/null
+++ b/metadata/glsa/glsa-202209-05.xml
@@ -0,0 +1,153 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202209-05">
+ <title>OpenJDK: Multiple Vulnerabilities</title>
+ <synopsis>Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.</synopsis>
+ <product type="ebuild">openjdk,openjdk-bin,openjdk-jre-bin</product>
+ <announced>2022-09-07</announced>
+ <revised count="1">2022-09-07</revised>
+ <bug>803605</bug>
+ <bug>831446</bug>
+ <bug>784611</bug>
+ <access>remote</access>
+ <affected>
+ <package name="dev-java/openjdk" auto="yes" arch="*">
+ <unaffected range="ge" slot="17">17.0.2_p8</unaffected>
+ <unaffected range="ge" slot="11">11.0.14_p9</unaffected>
+ <unaffected range="ge" slot="8">8.322_p06</unaffected>
+ <vulnerable range="lt" slot="17">17.0.2_p8</vulnerable>
+ <vulnerable range="lt" slot="11">11.0.14_p9</vulnerable>
+ <vulnerable range="lt" slot="8">8.322_p06</vulnerable>
+ </package>
+ <package name="dev-java/openjdk-bin" auto="yes" arch="*">
+ <unaffected range="ge" slot="17">17.0.2_p8</unaffected>
+ <unaffected range="ge" slot="11">11.0.14_p9</unaffected>
+ <unaffected range="ge" slot="8">8.322_p06</unaffected>
+ <vulnerable range="lt" slot="17">17.0.2_p8</vulnerable>
+ <vulnerable range="lt" slot="11">11.0.14_p9</vulnerable>
+ <vulnerable range="lt" slot="8">8.322_p06</vulnerable>
+ </package>
+ <package name="dev-java/openjdk-jre-bin" auto="yes" arch="*">
+ <unaffected range="ge" slot="17">17.0.2_p8</unaffected>
+ <unaffected range="ge" slot="11">11.0.14_p9</unaffected>
+ <unaffected range="ge" slot="8">8.322_p06</unaffected>
+ <vulnerable range="lt" slot="17">17.0.2_p8</vulnerable>
+ <vulnerable range="lt" slot="11">11.0.14_p9</vulnerable>
+ <vulnerable range="lt" slot="8">8.322_p06</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>OpenJDK is an open source implementation of the Java programming language.</p>
+ </background>
+ <description>
+ <p>Multiple vulnerabilities have been discovered in OpenJDK. Please review the CVE identifiers referenced below for details.</p>
+ </description>
+ <impact type="low">
+ <p>Please review the referenced CVE identifiers for details.</p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All OpenJDK 8 users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-java/openjdk-8.322_p06:8"
+ </code>
+
+ <p>All OpenJDK 8 JRE binary users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-java/openjdk-jre-bin-8.322_p06:8"
+ </code>
+
+ <p>All OpenJDK 8 binary users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-java/openjdk-bin-8.322_p06:8"
+ </code>
+
+ <p>All OpenJDK 11 users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-java/openjdk-11.0.14_p9:11"
+ </code>
+
+ <p>All OpenJDK 11 JRE binary users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-java/openjdk-jre-bin-11.0.14_p9:11"
+ </code>
+
+ <p>All OpenJDK 11 binary users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-java/openjdk-bin-11.0.14_p9:11"
+ </code>
+
+ <p>All OpenJDK 17 users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-java/openjdk-17.0.2_p8:17"
+ </code>
+
+ <p>All OpenJDK 17 JRE binary users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-java/openjdk-jre-bin-17.0.2_p8:17"
+ </code>
+
+ <p>All OpenJDK 17 binary users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-java/openjdk-bin-17.0.2_p8:17"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2161">CVE-2021-2161</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2163">CVE-2021-2163</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2341">CVE-2021-2341</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2369">CVE-2021-2369</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2388">CVE-2021-2388</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2432">CVE-2021-2432</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-35550">CVE-2021-35550</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-35556">CVE-2021-35556</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-35559">CVE-2021-35559</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-35561">CVE-2021-35561</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-35564">CVE-2021-35564</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-35565">CVE-2021-35565</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-35567">CVE-2021-35567</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-35578">CVE-2021-35578</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-35586">CVE-2021-35586</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-35588">CVE-2021-35588</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-35603">CVE-2021-35603</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21248">CVE-2022-21248</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21271">CVE-2022-21271</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21277">CVE-2022-21277</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21282">CVE-2022-21282</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21283">CVE-2022-21283</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21291">CVE-2022-21291</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21293">CVE-2022-21293</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21294">CVE-2022-21294</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21296">CVE-2022-21296</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21299">CVE-2022-21299</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21305">CVE-2022-21305</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21340">CVE-2022-21340</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21341">CVE-2022-21341</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21349">CVE-2022-21349</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21360">CVE-2022-21360</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21365">CVE-2022-21365</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21366">CVE-2022-21366</uri>
+ </references>
+ <metadata tag="requester" timestamp="2022-09-07T02:52:51.955536Z">ajak</metadata>
+ <metadata tag="submitter" timestamp="2022-09-07T02:52:51.960448Z">ajak</metadata>
+</glsa>
diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk
index 2b8ffd8b21bc..8d891b477530 100644
--- a/metadata/glsa/timestamp.chk
+++ b/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Wed, 07 Sep 2022 02:40:00 +0000
+Wed, 07 Sep 2022 08:39:59 +0000
diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit
index 281d3e4f60e2..86aa630a77f5 100644
--- a/metadata/glsa/timestamp.commit
+++ b/metadata/glsa/timestamp.commit
@@ -1 +1 @@
-1d278bb93fbf8fdb34ef9c125c5f4536e11c15d7 1661990219 2022-08-31T23:56:59+00:00
+7771cafe7bc8660946ac9740c02f8106d63660c7 1662520070 2022-09-07T03:07:50+00:00
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-04 16:41:58 +0000