summaryrefslogtreecommitdiff
path: root/metadata/glsa
diff options
context:
space:
mode:
Diffstat (limited to 'metadata/glsa')
-rw-r--r--metadata/glsa/Manifest30
-rw-r--r--metadata/glsa/Manifest.files.gzbin437590 -> 437739 bytes
-rw-r--r--metadata/glsa/glsa-201401-04.xml19
-rw-r--r--metadata/glsa/glsa-201503-10.xml8
-rw-r--r--metadata/glsa/glsa-201811-02.xml6
-rw-r--r--metadata/glsa/glsa-201903-16.xml54
-rw-r--r--metadata/glsa/timestamp.chk2
-rw-r--r--metadata/glsa/timestamp.commit2
8 files changed, 78 insertions, 43 deletions
diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest
index 549df1977bb3..58d40981b2b9 100644
--- a/metadata/glsa/Manifest
+++ b/metadata/glsa/Manifest
@@ -1,23 +1,23 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
-MANIFEST Manifest.files.gz 437590 BLAKE2B 89b5299a2ae5909a2f126e7d079e486a46a84b314ae3fd8e955c116ff1469671110300e3034ae816a3f8d7760ff951864b0f6a2ea8e63f69093f03e040aaa3f5 SHA512 af2b9c5421b1ff957533cc161bb0347cbaa2e3e90c9069b5b7e6141ce2a943b1cc971aacd34224e34915a04db19e7b1d06ff5519de5e8c67f4753e7fc7157bf3
-TIMESTAMP 2019-03-19T10:38:40Z
+MANIFEST Manifest.files.gz 437739 BLAKE2B 986d7885b63d9903e2be51f4980361e09cfab26a44bdf1fc19180e54bbfb08e35d9b07514fdafb5d9dd61741d963d11d09f566711ba740c442f3ec1b81389888 SHA512 8939cf4eb9710559d875f85824a818d334f3f8a2240773ee7803d34445cd3328191abe522703f58520261cf19228963b4ba55f01db6f454471b7f17577f5ec60
+TIMESTAMP 2019-03-24T16:38:41Z
-----BEGIN PGP SIGNATURE-----
-iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAlyQxrBfFIAAAAAALgAo
+iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAlyXspFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
-klDrDg//YyE6JU2ZaXcEyszFO1/7+5m21MFqI0yNLvg6NpEYpKPXydaplPlZWePP
-KwpwB/UCravezXqOive8GyGbClBKOrXI2PzX7gn+PgyNW5BQQgVgg1JKev4FCcr1
-IwrdKhLI7hi9VnGspot1SSROQfYoCq/Y367bv6t87fZ+0FLq3+Q2wJvSo0tbAWCM
-CzxtPT6j9wZll3TFTLHqccw9cOCSJkgJ1U9lhTVfn47ACO4O3AmwZA08vANyJPGA
-WBw1k9mdh6OPBXf72NauBPeEFDB9L39HHYifdCRlBhw1e/Go3ptjBcsKjqG5ZJO7
-JcVz4jtLrFpHDRlKQjtxeUZstkUTmnk3hXtKnHH9pCNUnAWWa09gFpz6iRIomEEQ
-7f4CKWJI69WtZlfj0U3FdUkO7L2TXdikJWp/rLTyQDsM4JNrBEgUqr1DnReVhijW
-A93TJ+0GrFh9717ym8XNsIJPgQlS0p5kMY+41d3e2IE+GRTDz2IOWHfnqmmOaS+/
-7pz9Gs1yjim+GnWgCPPVp3zVE/lUTq4n2w6TQZg6q6Q5AI+8z4OKwu8S5QbgsgVH
-56Jh1U7gh7y1z/3TtiFJ4fsi6LX91KtsYc8D7+J1Kq9lHkXUMRLaqnDd5zPgGG8I
-4QZ2SeDBsAb2Zu96B4fqWf8PkO9Vw97rWhWRJxux9jXzeeFpH4k=
-=Xxnn
+klDyChAAj2n+osEdeqnHSWALpY+HRZE7y8grtbeEEAjoxWr08nhm2ivaP2vPGT+W
+FseMTbEHgdgkoHlrduWXs/vnqgh5JyLWqAjeS10vzz6tZBdei28rxFLNjbgTxYH5
+ePbwe5CJAdJ/s9mOTDpq4N0wvjgG1Ncj6SICeqMhiOhHskvwKw5TfsmfratOeXiJ
+ICyDUa+Q7INdPD0LCmpGTbDXBBymX5lBoVuVhF9mW74FR6DSoWK/YNcsPe7r8ikX
+5vZTXpL5fXM8TWfV0n1rf1H5bPZjcT7sr+F67ezfs/sK6hcOGAux0TDoZd9i8/Wr
+cLWwCeduJhlI97qCvRfN69iizlx6BHmznVMo0g81pERSOgLATwrCg6pRNBplU3ka
+b0kZGQW8zNYoZi57o6bntxQL961GzGlzlNQybQErsBBV9F6NYSJkP3dNwJDdWLJt
+y9WkU9TrFTacTlLaP+BWqZyK3WH8sPh0w4vkqqICRXcPR1kVAfLiKW2V+D29Xl9d
+QF1aVVZTvkm387VqtmLbiCc6/P9fWbwQb5/Wg2VcMaSNQlsLTktFgmaUZ84iJ468
+qs+RDaLtjRlPMTn0Twg4pAg8JZSXmDkI24d9ohiEH8/ygE3L0HQIOGcktAil7jjN
+zI4i0wC4fvODybnbE3fLjY1RER6Smze2kUDoTQ3yIW167r87P24=
+=cpdK
-----END PGP SIGNATURE-----
diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz
index 01756e23b684..d33514664e8f 100644
--- a/metadata/glsa/Manifest.files.gz
+++ b/metadata/glsa/Manifest.files.gz
Binary files differ
diff --git a/metadata/glsa/glsa-201401-04.xml b/metadata/glsa/glsa-201401-04.xml
index 8783065d40fa..8455a8b2cd1c 100644
--- a/metadata/glsa/glsa-201401-04.xml
+++ b/metadata/glsa/glsa-201401-04.xml
@@ -17,23 +17,10 @@
<access>remote</access>
<affected>
<package name="dev-lang/python" auto="yes" arch="*">
- <unaffected range="rge">3.2.5-r1</unaffected>
- <unaffected range="rge">2.6.8</unaffected>
- <unaffected range="rge">2.7.3-r1</unaffected>
+ <unaffected range="ge">3.2.5-r1</unaffected>
+ <unaffected range="ge">2.6.8</unaffected>
+ <unaffected range="ge">2.7.3-r1</unaffected>
<unaffected range="ge">3.3.2-r1</unaffected>
- <unaffected range="rge">2.6.9</unaffected>
- <unaffected range="rge">2.7.4</unaffected>
- <unaffected range="rge">2.7.5</unaffected>
- <unaffected range="rge">2.7.6</unaffected>
- <unaffected range="rge">2.7.7</unaffected>
- <unaffected range="rge">2.7.8</unaffected>
- <unaffected range="rge">2.7.9</unaffected>
- <unaffected range="rge">2.7.10</unaffected>
- <unaffected range="rge">2.7.11</unaffected>
- <unaffected range="rge">2.7.12</unaffected>
- <unaffected range="rge">2.7.13</unaffected>
- <unaffected range="rge">2.7.14</unaffected>
- <unaffected range="rge">2.7.15</unaffected>
<vulnerable range="lt">3.3.2-r1</vulnerable>
</package>
</affected>
diff --git a/metadata/glsa/glsa-201503-10.xml b/metadata/glsa/glsa-201503-10.xml
index b1968049e389..52c86ad82e0e 100644
--- a/metadata/glsa/glsa-201503-10.xml
+++ b/metadata/glsa/glsa-201503-10.xml
@@ -19,13 +19,7 @@
<affected>
<package name="dev-lang/python" auto="yes" arch="*">
<unaffected range="ge">3.3.5-r1</unaffected>
- <unaffected range="rge">2.7.9-r1</unaffected>
- <unaffected range="rge">2.7.10</unaffected>
- <unaffected range="rge">2.7.11</unaffected>
- <unaffected range="rge">2.7.12</unaffected>
- <unaffected range="rge">2.7.13</unaffected>
- <unaffected range="rge">2.7.14</unaffected>
- <unaffected range="rge">2.7.15</unaffected>
+ <unaffected range="ge">2.7.9-r1</unaffected>
<vulnerable range="lt">3.3.5-r1</vulnerable>
</package>
</affected>
diff --git a/metadata/glsa/glsa-201811-02.xml b/metadata/glsa/glsa-201811-02.xml
index 6ba1bc458393..ce9a6b6e7109 100644
--- a/metadata/glsa/glsa-201811-02.xml
+++ b/metadata/glsa/glsa-201811-02.xml
@@ -12,8 +12,8 @@
<access>remote</access>
<affected>
<package name="dev-lang/python" auto="yes" arch="*">
- <unaffected range="ge">2.7.15</unaffected>
- <vulnerable range="lt">2.7.15</vulnerable>
+ <unaffected range="ge" slot="2.7">2.7.15</unaffected>
+ <vulnerable range="lt" slot="2.7">2.7.15</vulnerable>
</package>
</affected>
<background>
@@ -39,7 +39,7 @@
<code>
# emerge --sync
- # emerge --ask --oneshot --verbose "&gt;=dev-lang/python-2.7.15"
+ # emerge --ask --oneshot --verbose "&gt;=dev-lang/python-2.7.15:2.7"
</code>
</resolution>
diff --git a/metadata/glsa/glsa-201903-16.xml b/metadata/glsa/glsa-201903-16.xml
new file mode 100644
index 000000000000..7e9889dc2827
--- /dev/null
+++ b/metadata/glsa/glsa-201903-16.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="201903-16">
+ <title>OpenSSH: Multiple vulnerabilities</title>
+ <synopsis>Multiple vulnerabilities have been found in OpenSSH, the worst of
+ which could allow a remote attacker to gain unauthorized access.
+ </synopsis>
+ <product type="ebuild">openssh</product>
+ <announced>2019-03-20</announced>
+ <revised count="1">2019-03-20</revised>
+ <bug>675520</bug>
+ <bug>675522</bug>
+ <access>remote</access>
+ <affected>
+ <package name="net-misc/openssh" auto="yes" arch="*">
+ <unaffected range="ge">7.9_p1-r4</unaffected>
+ <vulnerable range="lt">7.9_p1-r4</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>OpenSSH is a complete SSH protocol implementation that includes SFTP
+ client and server support.
+ </p>
+ </background>
+ <description>
+ <p>Multiple vulnerabilities have been discovered in OpenSSH. Please review
+ the CVE identifiers referenced below for details.
+ </p>
+ </description>
+ <impact type="normal">
+ <p>A remote attacker could overwrite arbitrary files, transfer malicious
+ files, or gain unauthorized access.
+ </p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All OpenSSH users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose "&gt;=net-misc/openssh-7.9_p1-r4"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20685">CVE-2018-20685</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-6109">CVE-2019-6109</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-6110">CVE-2019-6110</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-6111">CVE-2019-6111</uri>
+ </references>
+ <metadata tag="requester" timestamp="2019-03-10T21:55:11Z">BlueKnight</metadata>
+ <metadata tag="submitter" timestamp="2019-03-20T13:35:05Z">b-man</metadata>
+</glsa>
diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk
index e93b41aac52e..0d6da7d59058 100644
--- a/metadata/glsa/timestamp.chk
+++ b/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Tue, 19 Mar 2019 10:38:37 +0000
+Sun, 24 Mar 2019 16:38:38 +0000
diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit
index 98bcf26d91f9..32ede4730464 100644
--- a/metadata/glsa/timestamp.commit
+++ b/metadata/glsa/timestamp.commit
@@ -1 +1 @@
-0a72c299702ffceee8f32f22b9d7b2c33e5140a0 1552965642 2019-03-19T03:20:42+00:00
+739370ce577c724f8ff13c4c2ea63220b9561f7c 1553128397 2019-03-21T00:33:17+00:00
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-28 08:18:39 +0000