diff options
Diffstat (limited to 'metadata/glsa')
-rw-r--r-- | metadata/glsa/Manifest | 30 | ||||
-rw-r--r-- | metadata/glsa/Manifest.files.gz | bin | 563604 -> 563763 bytes | |||
-rw-r--r-- | metadata/glsa/glsa-202402-01.xml | 49 | ||||
-rw-r--r-- | metadata/glsa/timestamp.chk | 2 | ||||
-rw-r--r-- | metadata/glsa/timestamp.commit | 2 |
5 files changed, 66 insertions, 17 deletions
diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest index dfd3c31d5160..4fb7479a8dbe 100644 --- a/metadata/glsa/Manifest +++ b/metadata/glsa/Manifest @@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 563604 BLAKE2B d497f4e02c0349649ea1fd84297af45ff253c185da14e6dba30f010f40d1ab86fdeb750087d23d7e892d4b2a6c45bb36baacd75348d2a50c0dc3c70213c1836e SHA512 c8b2f6bb87969de216a6075f22dc589f34d03bc0cd503b9bbedb9672f2aa19209f4d1236cd3f9aaf54428705e66f266c37a1f0bdb30c6fdae78df87761e4d8da -TIMESTAMP 2024-02-01T23:10:27Z +MANIFEST Manifest.files.gz 563763 BLAKE2B ad08e0810fe103c6fa75e908cf8e2fc59829c625b62d3046da60e9504ee322b550dd80f2b55ca4966a6ca9514873f3ad3a971855512a73e5aa8af57c416df904 SHA512 686eceb0a4e973d3931559acc70bbca71af98c9816890a0c4197ac907326353d25dbfef06b2f26ca53274310cd12ab9ef6adfeddc7c3775d1fc39f927accf94b +TIMESTAMP 2024-02-02T04:47:53Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmW8JONfFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmW8c/lfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klDqyRAAqEb7Icqe5O4NApTfnauWvfua7ADkegv+V9Jz25LDDd8rpWb2r8GoAFxP -UY0JIEwRhzjYAj6OTwBQtf7DEpT7L4YGScupfn6xbG++o5ods0NXFsogd2EDj0nb -ZBINqVAlu67SC/He6Vj9nkppDeG92BFGeKP2VItsSG/dXt9ndPJIIyRJ+e0pd8fU -xqTmJdko+AG1RRTjDSEI5LBgMCx5DJCi8HwaqOfS8+OaKVdkFWXAYVKO9dUInZjl -nanqVXa+FLIY2zc2qRzxI9OoAfJ2wPKj73AKcfPo7Mx1QkKJS1EqrBv+hS/sTuRO -EI2EEGE9XWK7M2yO+Kr/jSj0bTKedRl9SReodfo5Vv94vE927WZ7iK9293Ab12g8 -y+reHgwPWgu9hHYTky7/pWFvyy1ezBTSDy0dRavJiI9rly43AorJpGDzzHyIsxXe -Dez+EkTHTkqyACeY8nnf7GqGDYyLbdlUjJplmqMLwX766LwHsjHQgxwDdQW7wIvS -IdXHgaE59+8aUkUdTtxI6VEA+6oNHrids3yJJtcEGPi2oJU+BJVgvUSq0BbzU1hC -MCLhxohOrae6NsD3lC+AxYx+C/16DfbXaKf/QBCVo7Kv3p9ozMwDgM6jgQp/kDxI -cB1uBjXyxCdZ5yXnivCaAAeJka4ErM3xIRv70HxXcXR82eT1BaU= -=rgBM +klCH7hAAgs+CPumD+sat4WU05EU0hzaPhbXo05xIIv+L8xz9HY+pR0OUCzF6Dq3q +b8xGv1T43BKzKqNnYTTmkjRwhaFfC9P/Wtlckdo3tnKOtpB8FOEcp8cvIt1NmMhW ++dqJDui01czTFX/ch2O7jgO2mUOQhNrKivPktBAqZLLryDJoU/GBEKTF27q7mXLw +Awz+HH+FjuqVUnsgMmqayT98Aa3Qa8CeB/U/xlwm8hyHerwvBhFAbWeq7zMdDoZr +0qJsjGtiv7dyLVmhpM8imVmgEFqu5MgZXMtuqxxH4IMiKbzvSEzko8JBLdxf/aQ8 +YwO1CazejNAY9AApqn1V3eefJ70hg0FhWWdXxJS0RSqZO8+uwOQAqTongZFN/ymk +XaodUU+O4ZZahpQ4scJt6a2cKZ0WbqH55vveri4D+mP4M98S29Nmv5E3f/pGpRjs +edsySK+nlKOJZhK2htKSI0rISZ8DtSdU7tmuSbH6GpjXldMvMXkZ7QJDjA7wS5kX +Xxrw82CLFGokcEGWg7bLVHOL6jcJBxBg3ok9uveRT4Gy0gM53bZAb1ss5oXkW5Qk +vPpTOoj9CvAwDm5qe4IM6lOqwn32+gqdZ08a5VIWmYRJttmbz9HIq6AlvrJzSra+ +jUiVBh5XrlJjXHiPF7A5AtxGu48FXsnUNJGEhD5srALQ9XBqNjY= +=qYEi -----END PGP SIGNATURE----- diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz Binary files differindex 44241c9c7a69..0935772a319d 100644 --- a/metadata/glsa/Manifest.files.gz +++ b/metadata/glsa/Manifest.files.gz diff --git a/metadata/glsa/glsa-202402-01.xml b/metadata/glsa/glsa-202402-01.xml new file mode 100644 index 000000000000..7fa0e51147ca --- /dev/null +++ b/metadata/glsa/glsa-202402-01.xml @@ -0,0 +1,49 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202402-01"> + <title>glibc: Multiple Vulnerabilities</title> + <synopsis>Multiple vulnerabilities in glibc could result in Local Privilege Escalation.</synopsis> + <product type="ebuild">glibc</product> + <announced>2024-02-02</announced> + <revised count="1">2024-02-02</revised> + <bug>918412</bug> + <bug>923352</bug> + <access>local and remote</access> + <affected> + <package name="sys-libs/glibc" auto="yes" arch="*"> + <unaffected range="ge">2.38-r10</unaffected> + <vulnerable range="lt">2.38-r10</vulnerable> + </package> + </affected> + <background> + <p>glibc is a package that contains the GNU C library.</p> + </background> + <description> + <p>Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details.</p> + </description> + <impact type="high"> + <p>Please review the referenced CVE identifiers for details.</p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All glibc users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=sys-libs/glibc-2.38-r10" + </code> + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-5156">CVE-2023-5156</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-6246">CVE-2023-6246</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-6779">CVE-2023-6779</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-6780">CVE-2023-6780</uri> + <uri>GLIBC-SA-2024-0001</uri> + <uri>GLIBC-SA-2024-0002</uri> + <uri>GLIBC-SA-2024-0003</uri> + </references> + <metadata tag="requester" timestamp="2024-02-02T03:02:44.468870Z">sam</metadata> + <metadata tag="submitter" timestamp="2024-02-02T03:02:44.472185Z">sam</metadata> +</glsa>
\ No newline at end of file diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk index 06f777526268..6ff4b901168a 100644 --- a/metadata/glsa/timestamp.chk +++ b/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Thu, 01 Feb 2024 23:10:22 +0000 +Fri, 02 Feb 2024 04:47:49 +0000 diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit index 7a936a895a15..982d77fc4215 100644 --- a/metadata/glsa/timestamp.commit +++ b/metadata/glsa/timestamp.commit @@ -1 +1 @@ -8064a0b694d29fb2fca491d65494098fb43c2ffa 1706715575 2024-01-31T15:39:35+00:00 +1b3d5c5b8102daf085b27905a139c5e8c4c7d591 1706843003 2024-02-02T03:03:23+00:00 |