From 17ad5d72e60411f0ed843a9dbeb450d89f63d62c Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Fri, 5 Jan 2024 20:03:56 +0000 Subject: gentoo auto-resync : 05:01:2024 - 20:03:55 --- metadata/glsa/Manifest | 30 +++++++++++++-------------- metadata/glsa/Manifest.files.gz | Bin 558999 -> 559158 bytes metadata/glsa/glsa-202401-06.xml | 43 +++++++++++++++++++++++++++++++++++++++ metadata/glsa/timestamp.chk | 2 +- metadata/glsa/timestamp.commit | 2 +- 5 files changed, 60 insertions(+), 17 deletions(-) create mode 100644 metadata/glsa/glsa-202401-06.xml (limited to 'metadata/glsa') diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest index 2d1addbbb2a7..af3a45a1145b 100644 --- a/metadata/glsa/Manifest +++ b/metadata/glsa/Manifest @@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 558999 BLAKE2B f0c255a4e931f6e5af7a60afe1dd2a2134f94e6fdb52bdcaf5c4c3919a59809263aa708951de0a4a6138329cd50ff30e21be7208e33dfdde8f09c4b83d1a1de1 SHA512 824cc6b813cbd1a1b2bde4676c1222a5e50c277df9746acfacc3a65ea993f00b1e7a47e6250173eeec46ef4fb8ee9e86fbf6ae53f464be92ed08d25cd9fcd208 -TIMESTAMP 2024-01-05T13:40:09Z +MANIFEST Manifest.files.gz 559158 BLAKE2B 7743be6d30bedd899f1ed6ee719a2c0f78de2f732319746c264a2fa060ba8ae030e9eed586d48ebb590968099f0af93a7b2f09f029dc6458c2ee484d255bd117 SHA512 86d7b1c7f1efaf6f78995086d3e2bb0b7d8c79e5750b872b064dda4aec42c093aebaf9a1ea2161c6c56fa84d61dba2be695416159673540b4a2291892918d774 +TIMESTAMP 2024-01-05T19:40:04Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmWYBrlfFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmWYWxRfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klBn2Q//UGhYDlIZEfkSj2Ehx93sDXslta/ePc2p09IZZM5wQOX0ofom+l3sXi+U -oAuP0FvnYJ902vm2P/dj23Hkeh8Wuag3PI47f+pTyRTDPe6oJViIlwYLCeF9nArb -G87jcJCKJ33QWdlKKnULWp40NBEmtYOGTiQTT56GUYJgzpnLwgBeLRvPzKcZe3IP -qNyRGssB5hzeCmpMkQ7+tlWcDUjGxliWohW13nBRY0lQHQIf2Mpw2ASzrS1JJJpr -upOejssDxynCouiQu9jXU7EdWt9OHC7gyuMvEPHiUlAL/0upUKIAQh9AG2ju28X+ -toM7AhF2WlpsNni38J2yvgW0+67OAO+OqSXYlALweI5jcy9zlKxG1JOJ5yIZljTN -xwFUauGiKPlcUtoBDWrXafY5uC29GBPvhMxoEzeOIRP75L2l10ipuTbhw3OEpxBd -ik6TcVprq5SjEDSMmjpZOYYd6qZVai13iDlnR1G1UAHiX8CS3aU7VFPAIYtZMIPK -WOZ8paoawNt8bS613sfW1GGtQZa6AMD5SIsu+1yfQsvJOGi3Jk7Pv3jQakD9bLbL -HNrca2+rEb6TLQEkyA2QWu0r3W6XAUQaGd8TJ7mt+p/13nG9ewA3wMjgXTtIM3MV -00ZzElDHIcJN3oVM6oWQ+m83VkmGqMdl+acy+KZE582xNfXJvpg= -=oxCS +klC/tBAAt1MIPnzDtjlOvGzy8HKkp1tB7+LFwTGM6yDZhRkkSP1TVIvbwym9jEtg +fVHJIjdAofkk5b6rGvKELpb1YG1GCbnodrFb2CueiomDKBbhN6H78MLVti4AV2B3 +NDKLXemyWo/Nxa1NSotASJiQIZNBTkvU6olddCxtOXmCv0esgXHtJln+XN4FVbFr +8YBADMNfpBoIyWj5nd8xi0kJDE6I7kQVFNbbdjEK53xo3SqGQW/9/uHVzFbrtgju +YE3gGvlVbtkbxSkSewa2jwITyHJaJAcYYRYwyQn327Z2Ja2bRp11HxiCCYeDQWdJ +77uKQX67bMZraJKkMMPWFNDe+e8lKBQDVjQ3/mMXchkelIe1erAEQm/rIrFHZaxJ +Hu7JantYN8WCiX04MtleiLSbNu/na9VMKxyYIpeGQfi/ZI6OuiXV4Je5MGKyh4hs +61qZPVvI0MJiIhIhDav2acK3TNLhmdALUDMiCj99FO4oSSfiqRjAb3TldCHR1FDc +wFEyH17CWqv6XLCxWSAnjKgc8Ok1m5SN5LuCy9X5VrT8AtNRJ4Cd6Tfym1CtRYS2 +wLoACwDQvF8eURBAJZ98I9Py2/uPTlbpk8LiKFXvSx6Yxm+7pwl8u1ZLdm+i9rZK +jnseaSQo86uxp3IA2TW+Nevyuvb6v0DB7BjKR6HZwMZWK9Fi8ow= +=9d9j -----END PGP SIGNATURE----- diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz index 73ff6dfcb9b5..bc5279c092c5 100644 Binary files a/metadata/glsa/Manifest.files.gz and b/metadata/glsa/Manifest.files.gz differ diff --git a/metadata/glsa/glsa-202401-06.xml b/metadata/glsa/glsa-202401-06.xml new file mode 100644 index 000000000000..0fccef02e6b8 --- /dev/null +++ b/metadata/glsa/glsa-202401-06.xml @@ -0,0 +1,43 @@ + + + + CUPS filters: Remote Code Execution + A vulnerability has been found in CUPS filters where remote code execution is possible via the beh filter. + cups-filters + 2024-01-05 + 2024-01-05 + 906944 + remote + + + 1.28.17-r2 + 1.28.17-r2 + + + +

CUPS filters provides backends, filters, and other software that was once part of the core CUPS distribution.

+ + +

A vulnerability has been discovered in cups-filters. Please review the CVE identifier referenced below for details.

+ + +

If you use beh to create an accessible network printer, this security vulnerability can cause remote code execution.

+ + +

There is no known workaround at this time.

+ + +

All cups-filters users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=net-print/cups-filters-1.28.17-r2" + + + + CVE-2023-24805 + GHSA-gpxc-v2m8-fr3x + + graaff + graaff + \ No newline at end of file diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk index 4bf5a1d534b2..ec8aae821f50 100644 --- a/metadata/glsa/timestamp.chk +++ b/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Fri, 05 Jan 2024 13:40:06 +0000 +Fri, 05 Jan 2024 19:40:01 +0000 diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit index 0200e3e095e8..066490e28f40 100644 --- a/metadata/glsa/timestamp.commit +++ b/metadata/glsa/timestamp.commit @@ -1 +1 @@ -18540d77b43283bbeb478e2efd181954f507ac07 1704461679 2024-01-05T13:34:39+00:00 +13307cb5778acc25f47ab91c29f839443f3a4cf8 1704464830 2024-01-05T14:27:10+00:00 -- cgit v1.2.3