From 713e25c0c3d1e5434ac60ec0549708ec2f744bb4 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Wed, 4 Oct 2023 11:51:15 +0100 Subject: gentoo auto-resync : 04:10:2023 - 11:51:15 --- metadata/glsa/Manifest | 30 ++++++++++++------------- metadata/glsa/Manifest.files.gz | Bin 549303 -> 549460 bytes metadata/glsa/glsa-202310-03.xml | 47 +++++++++++++++++++++++++++++++++++++++ metadata/glsa/timestamp.chk | 2 +- metadata/glsa/timestamp.commit | 2 +- 5 files changed, 64 insertions(+), 17 deletions(-) create mode 100644 metadata/glsa/glsa-202310-03.xml (limited to 'metadata/glsa') diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest index eb7504c82dcd..db6e875dfbda 100644 --- a/metadata/glsa/Manifest +++ b/metadata/glsa/Manifest @@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 549303 BLAKE2B 2f2faac40bd20bac0e3cd39614dbd08d21b1f7881f63ae9d0818f2b4da5ca34a7c78df0e5ab0852b794fa786d802b5040998315d8f36069518e90e082b9c244e SHA512 91b5bd6983fe455c6ec55dabb8763f63460603682e7feb1913324d4cfcd985ee99dd07b8f9b0bb6aa35b8a2fa6e1342235f954581928615b1a56995d87f7cc45 -TIMESTAMP 2023-10-04T04:10:06Z +MANIFEST Manifest.files.gz 549460 BLAKE2B a1f9ee4b119079d55103a4ccc3197b5638e1f0913b6b08dbff50e6a9ae785bd677e97041b367e5c90d4e715da5a2e9d245d4614a65f57c6fffbe3055d41af720 SHA512 af57c6ff084a9b4d66c2d7d6cdcf381f6edfb5a8b5e7b97a153bb0d0556002c8d13b0c6530999163f8396d382c2b2f781f28b63456546ee7c16c7c3f82742c24 +TIMESTAMP 2023-10-04T10:10:13Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmUc5Z5fFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmUdOgVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klD54A/+Oxqb9Xi6wOKwWCZoovP7Aw8BZLJU0SVUGEgYUXdjBBXmfIue0M0wyaxH -JJ0ANouGINiH71Yf28Sz3xqr6V8xTyw7nRZjJ3wONBsIciefw1DD1xTGhV26Bnse -tFyzHu3mCjnetjga0ofMLxNwEZQUKPHPQtvrC+/A6aYRz3hEKblOwSxWtp6ryNo9 -/AJzljoJocjIlHWiNPsAc7z7g6Lr3yjWz0rpyD1GG6Z1MikJN1/9sgzbzWXim2NA -VtuyBVdgRTHYQOLs/gCVQbaCgPdIDz6psJz64p3Ktg3VYR/Lx913Ez5c5X2naNS7 -UUnc/7WASA3UP2onDTTF62AosjJbqe7QdKQLSENkz1NX8zEfxDGoCtV/ugV0rGO6 -FnXt/Ya1fJdFPWtYNeMWl1EsmExIKf9Gliwm47cb7kvLFsuWIW5wZMM1rTxgAhLI -23bFP1az4cRdl7R2aeSorm7Id6po8PRWPtiKktiigC65F/Xf93gUQYyzm0R1s9xe -EY4xJvdByAqlYqfldkWmcITaXonScNzk17eBqfqReJhpAqIvlPMIcYs3KmxI1C7R -7+j6ZlW8gcrX3+EfW3WvBcLSFqCQaZL5/8oxHOWmXZrBQRUb6NVMI5yTTYGcgXsv -9Q9tDY+YcsKWJdBcKIXRC9Ll0VW4LNYxXfkMkoMW7VFRIhpa0cA= -=ZZyv +klDmlg/9HBr9rlvuXXu6wZkguZCHd+LrEdxj2g0beJ9QakQ9OnSpm5kiYlWKQEsp +vRjHJO/iAg1E3zC4JfLUAje1AaYwDUggAYuc+lLCozQfJzq0kyChYQm9mWd5LyA/ +ym3+SzzulpOhE4aQgCZEUN0sOylkHmiMlcwx4mh7Dpc0knIFb/7GDTmZYoJy6WwI ++hedW0Jj+9LVV7OgZ6yNWCjRfhVV3NnrA2wRAmVWFNgs3PTezenZ/myP1vo6+8Yz +kq2yP0ybQX7mQD6b9xf3o9NSk6wYmz/6DXCAgCTMVLhblEhJ7o3+7H0H2W59nF5E +HaybFdmrObOzM7nivDIHpKE3zjwypkkmCcMcBRv9wuddph+38VSNmIaAhG1T2NQ4 +Lhb2se13umiwSOIfEulS3lMJVvTtSTZl8h7sUUJrY23hxMDfCqd9WjcvuosWCYNV +E3rsNlwE/UIH1zToXJ6uKfT27u9rsYue6h5awjkl7f+0+taWGjQerCYj7TFkoy5Z +XrwpwWPycLlwV75qcHLS9l6xkpLMaeZQ1qeDadAm+D7RqNqfMsTzbDJSyunkPuRD +/94492Y1OE3cZRN4aCAyEBiF/fT2zDuczMhOuWDpAAu6Cs++/6J6idfpomEEWB1z +nHKJg77r5ySgWhDFY9xjpyWTwtob7bY189ndGQChAxlZNI54P3s= +=TDQs -----END PGP SIGNATURE----- diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz index c95f1f7b00e2..b03f0fde4bfb 100644 Binary files a/metadata/glsa/Manifest.files.gz and b/metadata/glsa/Manifest.files.gz differ diff --git a/metadata/glsa/glsa-202310-03.xml b/metadata/glsa/glsa-202310-03.xml new file mode 100644 index 000000000000..cb112fcafeef --- /dev/null +++ b/metadata/glsa/glsa-202310-03.xml @@ -0,0 +1,47 @@ + + + + glibc: Multiple vulnerabilities + Multiple vulnerabilities in glibc could result in Local Privilege Escalation. + glibc + 2023-10-04 + 2023-10-04 + 867952 + 914281 + 915127 + local and remote + + + 2.37-r7 + 2.37-r7 + + + +

glibc is a package that contains the GNU C library.

+ + +

Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details.

+ + +

An attacker could elevate privileges from a local user to root.

+ + +

There is no known workaround at this time.

+ + +

All glibc users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=sys-libs/glibc-2.37-r7" + + + + CVE-2022-39046 + CVE-2023-4527 + CVE-2023-4806 + CVE-2023-4911 + + sam + sam + \ No newline at end of file diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk index fd4b4a5fed38..b92e786ad91c 100644 --- a/metadata/glsa/timestamp.chk +++ b/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Wed, 04 Oct 2023 04:10:03 +0000 +Wed, 04 Oct 2023 10:10:09 +0000 diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit index 3713d3adab6a..276c5a56bfe3 100644 --- a/metadata/glsa/timestamp.commit +++ b/metadata/glsa/timestamp.commit @@ -1 +1 @@ -e0200868c5e75eb57e7355dc8786db0f79271aa3 1696337223 2023-10-03T12:47:03+00:00 +029e12731f29676d3f6ebed09f7747ee6e15c5e8 1696406561 2023-10-04T08:02:41+00:00 -- cgit v1.2.3