Diffstat (limited to 'metadata/glsa')
-rw-r--r--metadata/glsa/Manifest30
-rw-r--r--metadata/glsa/Manifest.files.gzbin546124 -> 546284 bytes
-rw-r--r--metadata/glsa/glsa-202307-01.xml46
-rw-r--r--metadata/glsa/timestamp.chk2
-rw-r--r--metadata/glsa/timestamp.commit2
5 files changed, 63 insertions, 17 deletions
diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest
index a385a79cc866..a42c155d4813 100644
--- a/metadata/glsa/Manifest
+++ b/metadata/glsa/Manifest
@@ -1,23 +1,23 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
-MANIFEST Manifest.files.gz 546124 BLAKE2B b8c960a7f19f0cac8ea254b9330e3a1add1f4be28ff0a9b4020f5e68f250a6b511280b7dd1dec4e472c73320abae493b0ab8441075c681803abfb19ea280332e SHA512 0dccc4f920463740ab2803f55b50f1cf0df2af9d58750c12c98fe5963dc8738d5a3e8d6a895c2e0d3ba8230bb61557b6e88b4fa56b2f05f5697577b68a9413df
-TIMESTAMP 2023-07-19T23:40:12Z
+MANIFEST Manifest.files.gz 546284 BLAKE2B ffce95d14dec8e0ecb1658575f411350a797650e5376e656bbe5d1c11b4e05372611ac4ca5de41270e2e69dfa9461b99f212aa044d6509bb082c7f94d92006b8 SHA512 c90fc6416d62b1b09cbafd89df9a8523e7e9eec12dd28fd39f81776bc9076c1e64fdb0203c709c330d323ea0c05daf6d59e5c469948b4d49cc6d59443f29557a
+TIMESTAMP 2023-07-20T05:40:02Z
-----BEGIN PGP SIGNATURE-----
-iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmS4dF1fFIAAAAAALgAo
+iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmS4yLJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
-klBCrBAAimmdrZ+uChMzhaz5BrEHAk+r3pjZIsJAnDvpygpGRhINlFzPPgrlWd08
-g9EAhZG8TiVCTkIy/Mc5jgsQTAmJhFTF52mHk5grJ+c5vlTedtHq+ALuoemMHBl+
-mlf1d+oBv82liHIqI0tgdi5Ev+vewFeIVM/V9NJDVyxcRF4BP8+Sh6tODvnBego8
-XQptzJgCrLYE8BubUkh76Q5sL4MC6OxC7W5u4Y8IqOG6YocBY1D/nWnN9anFSbNQ
-Tx4gVvo4uN737lnbF/6tBi4gHUYdnwK4q+jyZujYK9PAUJOg6zcQ/NdjkIoFpGHy
-VmBgN8z+h47H4GwJBzgiuI8KOui8/Ueagg0Px9CZaTUbLL9H/N2x6XYV01w5HBvE
-F2zKp3e5CYSHorG5xUGnGX1wLKoH+oU2+nKY0FCphNRHy/OGbwTsuHsXHk+1fm8s
-DEEd0tqPFfQYo+11hrdMqUeKhzJ/DXdUZpUQrkuNLYDJF9UCQzXFT+/XBtJMl+dx
-m96VqRrJ7o6pRBXF20hwXDOB+2aCYqtMkziVOSwRQ8GfF1SLwbw/zZDhy28TVcF6
-6H5a+9T8NilNX56lB7xb/U7VfVEAy1gPj4ZqN48dPf/5sl8Bv4fRGsFPgZmrExQJ
-zijVIUDdtlxFDFuwVhXb2F68SG8LOevJxO1MjphQWqty07xpaCA=
-=Kl67
+klA4Tg//bME+6yqCOymo0svGmmLdOZSRp6VJY75eLXxVyOVC5aCcDvEHujs2aeM0
+I90aHkjGxbzelC3CrRIrQdY667zQLoX8hMcrtaiCIeLcksnj/Yw115R+l+nADkSU
+fKng185RS3jiKF/aP+/fkV5vdpy1AaC8tzyzTfSq0xTOZqxpxxqwFmsydDjJAbqk
++WMi+HeCfgWPXVVnsqiY20139eHHlBME26J0Ak0UGLiWp+aMeBgfbqMnks3ml9I2
+xwUaacalfU77c6KdGvMdyyVCQl/DbUvJLGbI9TRo6wY2e5j8ifrPLGIUMd3Ka7+U
+HhKvOE925POSrAFXXiZzXA+13XRKdU2eMqklOmjYiktPybGReJvUBHOhMt8mgt6U
+/LYd6uOuBJBedsnGxQ4121jv1mtRZnIyKlE9aHJDwzWBx8200X3XMfnPQfk3ybOi
+0fBKtKMD+2IDYSgClhEl8NziVMpGkLNpx2X88lA/Ht6f+33GJX5NrQ59inWeqLR4
+r5o+KgyffJOWZ9bxFB3uQPPJXQcOXxdVLk435lyzMYBJZaMhc9b654ZZINdUCU/Z
+bzvWClbcsdvkqUC74PLbbnRy9FsNoQlLV/idbf0anqcOeAyajE6MXsl3HB20MdHi
+wjF8jl9a88hogJJe0M7TpPZHNdSWbTQ6wM+Jh+9ECmPXJiVj3U4=
+=IjQg
-----END PGP SIGNATURE-----
diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz
index b00ee056dd18..933f01207b15 100644
--- a/metadata/glsa/Manifest.files.gz
+++ b/metadata/glsa/Manifest.files.gz
Binary files differ
diff --git a/metadata/glsa/glsa-202307-01.xml b/metadata/glsa/glsa-202307-01.xml
new file mode 100644
index 000000000000..4fa7ed99c6cb
--- /dev/null
+++ b/metadata/glsa/glsa-202307-01.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202307-01">
+ <title>OpenSSH: Remote Code Execution</title>
+ <synopsis>Multiple vulnerbilities have been discovered in OpenSSH, the worst of which could result in remote code execution.</synopsis>
+ <product type="ebuild">openssh</product>
+ <announced>2023-07-20</announced>
+ <revised count="1">2023-07-20</revised>
+ <bug>892936</bug>
+ <bug>905299</bug>
+ <bug>910553</bug>
+ <access>remote</access>
+ <affected>
+ <package name="net-misc/openssh" auto="yes" arch="*">
+ <unaffected range="ge">9.3_p2</unaffected>
+ <vulnerable range="lt">9.3_p2</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>OpenSSH is a free application suite consisting of server and clients that replace tools like telnet, rlogin, rcp and ftp with more secure versions offering additional functionality.</p>
+ </background>
+ <description>
+ <p>Multiple vulnerabilities have been discovered in OpenSSH. Please review the CVE identifiers referenced below for details.</p>
+ </description>
+ <impact type="high">
+ <p>Please review the CVE identifiers referenced below for details.</p>
+ </impact>
+ <workaround>
+ <p>CVE-2023-38408 can be worked around by avoiding connecting to untrusted servers with an SSH agent.</p>
+ </workaround>
+ <resolution>
+ <p>All OpenSSH users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-misc/openssh-9.3_p2"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-25136">CVE-2023-25136</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-28531">CVE-2023-28531</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-38408">CVE-2023-38408</uri>
+ </references>
+ <metadata tag="requester" timestamp="2023-07-20T02:17:18.328897Z">sam</metadata>
+ <metadata tag="submitter" timestamp="2023-07-20T02:17:18.348364Z">sam</metadata>
+</glsa> \ No newline at end of file
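Review bot: The `<workaround>` text is broader than the issue it names. CVE-2023-38408 is reachable when an ssh-agent is forwarded to an attacker-controlled host, so the advice should target agent forwarding rather than any connection made while an agent is running, e.g. `<p>CVE-2023-38408 can be worked around by not forwarding an SSH agent to untrusted servers.</p>`. The `<synopsis>` line also misspells the word as `vulnerbilities`; it should read `vulnerabilities`, as `<description>` already does. `<impact type="high">` only points at the CVE list, so a reader cannot tell from the advisory which of the three CVEs carries the remote code execution named in the title; one sentence identifying it would help triage.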
diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk
index d5cdee6461b0..e7453a02174b 100644
--- a/metadata/glsa/timestamp.chk
+++ b/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Wed, 19 Jul 2023 23:40:09 +0000
+Thu, 20 Jul 2023 05:39:59 +0000
diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit
index cfc786be5080..e8299091e63e 100644
--- a/metadata/glsa/timestamp.commit
+++ b/metadata/glsa/timestamp.commit
@@ -1 +1 @@
-023c3018165ffad6f1f6a874561e1c3c555cb505 1685499625 2023-05-31T02:20:25+00:00
+6394ef8ae23b1cf183b45b603eceea6389a3c371 1689819508 2023-07-20T02:18:28+00:00