From 7bcfea9c5e79a425a62a66bba477b9d3c0d7fdd0 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Tue, 7 May 2024 00:00:56 +0100 Subject: gentoo auto-resync : 07:05:2024 - 00:00:56 --- metadata/glsa/Manifest | 30 +++++++++++----------- metadata/glsa/Manifest.files.gz | Bin 572034 -> 572194 bytes metadata/glsa/glsa-202405-17.xml | 52 +++++++++++++++++++++++++++++++++++++++ metadata/glsa/timestamp.chk | 2 +- metadata/glsa/timestamp.commit | 2 +- 5 files changed, 69 insertions(+), 17 deletions(-) create mode 100644 metadata/glsa/glsa-202405-17.xml (limited to 'metadata/glsa') diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest index 3ad882f3b545..3e851356a9bb 100644 --- a/metadata/glsa/Manifest +++ b/metadata/glsa/Manifest @@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 572034 BLAKE2B 427e26e3706e8b7f4e943727b7a276ff31555d4a18c9abd9ac389162f60f359fabc5ad44aed1e3c3f6d38991598bc3ff3e531c1f963bfd5e7d187d907fd49f1b SHA512 3e6522dfe9208dfd01f7db32abf65212808c56cc43a74fe0a9b911b441ef07605f9d1faa6262dd0396662cdf416d987dd593b2bbc769fd24d997636dfd253b01 -TIMESTAMP 2024-05-05T22:10:08Z +MANIFEST Manifest.files.gz 572194 BLAKE2B 736dd063af339592e54b5eb6a96b21fa114076b32923b0103db465e82be98d9a5dc5a73f66156af8907ecc1ce8bcd1ef8a09c8d98208c594ebc2cd3109b3d410 SHA512 b7dadaeb677f04cc391368d9d0aea276a0639d56dc6eaec3d59d5bbc8046775a8cf34c4047312d631a6f118781f907bf1c585178c705c0b9200dac6163ecedbe +TIMESTAMP 2024-05-06T22:10:18Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmY4A8BfFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmY5VUpfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klB1hw/9FJWD+3z3F7GiFMQbtCpoQxH3zSbDiUwjISq74qPnkdRsaVUt+F5iB5Nc -jsB6L/H1INR2dq0Lmubx1ZoBm0FAlUr0wQ2s61lFE+Gg+3wGK193Cij8mouCTOz+ -6ne3bvKjBuAwTzk0G+gTKk0BCQyj4J24yGd3g8qnrbqC8YU4xtT4gVu9gT8WCDqM -CT26IIJFS95IDg/NFA3eeGYAt+qn+3YPQjQ5pSHVEYH1XMx/xvc1MTEC56GLx6QZ -oy2MgjjktWEY0C1CjQpG9eYf0g9iBOb1Ci68nmuwqbOmb5RRSGjNSM+F+/WHVHEA -P00orxSlZJ4XK8Et8X/Aqkhjo/lJBe9eu6UaO/A3tQvMYamVGaC9lVfYmFuzD7Sw -rtl/FWr9EWoaDyRsnvxLer9sM3YxKPygJ3WotclSCLK/oPIVxoW6L0M7mdi3rPFL -zmrBNfenghURVEa6JHcdXNDuk141JM8y5roiAcdIOOIWrHCWOfK9vRmwTZwRH0RC -VYCCOdjmO0IseXocl8XT0RFuOa0mqFT+xohViMPvAyNOsLcVjBimj9qSTFK9P5W8 -kDpQsD9+1LWuVNnIvxFNdFvGBn6yWHXb6Te7UzOSBrM/K6z76ysiqSCrcs4biQFT -YhUK33qnyxLIUoumvJPPznsaAxoUfPmdLzxomN5MYLgdybYtIaU= -=2pMK +klC7HA//Q/IdUwO+Kpd3wfQxZDxUGt3meOmOY7Kw6/9LLQbPPKgwsdmuRELt8h9J +DrMQjFdaP9qNl301nsanZwQM+GOjFdmhoMU79aYGkE8AOTkXQwpQf060LbpBpiec +FhKdrqmZ/fwgCOkKWGH227opWjaebsFNqxks1CFSvETeaR3+WECvs6J9m4baOqOc +GzQR74AGjJ5bpLTuXDwu8R8C6pBJNi/wBgMkxygaj9L2l4/thjXigbxr3GvW2Sam +SXt5xAFQgE+kZ8LCeyQWjBsTb2G9dwU6ns1a2Oyn9UgMa2QeGSrthhJlYhvvJlSY +lj54O2580B1qyI6kCo5m9t2dOFQXOXPhKBChilYkqX33CYHR6S9oC7zeLA5gircT +qrLZ5x3By9gUXrKjqr0KDL/ceOWw9DM3U2cwEHxZBguUaje3K2SD8cvwvLXHp83J +FAAlpPIAyAEX6BMxyiwFQh8gsXpcyytErOs7my/Xc8qhgSiHTwt9J9O3NQPnxKji +hEo1vNjxuLTECTCq6kjzL5shH5VVvXARGNsTcqvimlKn2J7WGdsmBQEwLOIIXrA0 +WThbOvTu3tJ7NEQhOw4RizhlXCIqnogoEjlrHd3tnXt+4Bf7A/fyLImV/7+2Cl1r +9oL6dxCJLMI/Vz0VVVHd+6H5c9PsI/Eohb9Dm80P1IPeXMzeM0Y= +=bXMC -----END PGP SIGNATURE----- diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz index 2cc0ec9712c8..c5bad3d1e52f 100644 Binary files a/metadata/glsa/Manifest.files.gz and b/metadata/glsa/Manifest.files.gz differ diff --git a/metadata/glsa/glsa-202405-17.xml b/metadata/glsa/glsa-202405-17.xml new file mode 100644 index 000000000000..07d4418f120b --- /dev/null +++ b/metadata/glsa/glsa-202405-17.xml @@ -0,0 +1,52 @@ + + + + glibc: Multiple Vulnerabilities + Multiple vulnerabilities have been discovered in glibc, the worst of which could lead to remote code execution. + glibc + 2024-05-06 + 2024-05-06 + 930177 + 930667 + remote + + + 2.38-r13 + 2.38-r13 + + + +

glibc is a package that contains the GNU C library.

+ + +

Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All glibc users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=sys-libs/glibc-2.38-r13" + + + + CVE-2024-2961 + CVE-2024-33599 + CVE-2024-33600 + CVE-2024-33601 + CVE-2024-33602 + GLIBC-SA-2024-0004 + GLIBC-SA-2024-0005 + GLIBC-SA-2024-0006 + GLIBC-SA-2024-0007 + GLIBC-SA-2024-0008 + + sam + sam + \ No newline at end of file diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk index 49b43657b5bd..75526f1f978f 100644 --- a/metadata/glsa/timestamp.chk +++ b/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Sun, 05 May 2024 22:10:03 +0000 +Mon, 06 May 2024 22:10:15 +0000 diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit index 5f16a0b231ca..3b0047a72b19 100644 --- a/metadata/glsa/timestamp.commit +++ b/metadata/glsa/timestamp.commit @@ -1 +1 @@ -c767a7641029f069d1d45e5c732d96ab77a03a45 1714899266 2024-05-05T08:54:26+00:00 +321e9a106808c3799e6007bf5459c5b6adb657a3 1715012485 2024-05-06T16:21:25+00:00 -- cgit v1.2.3