From 8c8f1cfd2aa9e839aad7dad6fd43b370cfbc0a1e Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Wed, 10 Jan 2024 13:02:42 +0000 Subject: gentoo auto-resync : 10:01:2024 - 13:02:42 --- metadata/glsa/Manifest | 30 +++++++++++++-------------- metadata/glsa/Manifest.files.gz | Bin 560112 -> 560271 bytes metadata/glsa/glsa-202401-13.xml | 43 +++++++++++++++++++++++++++++++++++++++ metadata/glsa/timestamp.chk | 2 +- metadata/glsa/timestamp.commit | 2 +- 5 files changed, 60 insertions(+), 17 deletions(-) create mode 100644 metadata/glsa/glsa-202401-13.xml (limited to 'metadata/glsa') diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest index a23ab1337c83..d8c046997c8e 100644 --- a/metadata/glsa/Manifest +++ b/metadata/glsa/Manifest @@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 560112 BLAKE2B 62dc2af41770d5f472a21d19df2e416ad9cbe69646a24bf9063fe3c7d7b36b835148ffdf730b030db456007d5c45044793f359e00e2a253deb71569680665419 SHA512 706f92b2205286e8d0fb7e749fe17d4549d6de84ffe61cf0dffaa61b0add9252e50b48bb8087005681251c1d71bdd6ced3ceb19b36ffd7e75d1709bc3aa98712 -TIMESTAMP 2024-01-10T06:10:30Z +MANIFEST Manifest.files.gz 560271 BLAKE2B 788d7d800c0cda76fd36e704c653a017e0745e9bb01350ea23c15bfb7c7d2ccbf2d1642309260d1234728ebba3fcb12dfa56f5a746e590036bf3b2bd162d2304 SHA512 1057c5d7357b4f952f1ae20e59f01992d95bfb67a14a419a2349e88e3ccccc40879bdf67c69b0a2d1c192af1a44dda8b074b2513672a6a571abaf442b2b628bc +TIMESTAMP 2024-01-10T12:40:25Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmWeNNZfFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmWekDlfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klAQkw/+KdpJ5gGRgm0oihKIPya0kCuJDmtQmUnScZuRSwj7B9V04Jd4SOHyjpDq -1BnJdqYK1sGHGdpyHRvFQv2Dp9fsZh4EYgM0moOAhDwkJHoRwZR8RTgzN5xgGJRB -YSGzqs8vJ6AeSXNfQjY4Bhw0LdadDyACplmL/6tVgGZ/0P9E5opBgni2GOvFiSAZ -6VSlJId/zhJHLffkZPnegSSn38RwCdcNlciPZC/cZw4Q5KS/XcZ+4UJP+WkNwaGK -JmArXSbJAoe44suOXoqcAwZHi+NxGBlAGJ0XrzlnLXNBG4jNm/xpBJg/KVnAkCxC -N3h+/koxsaEdMnBKyKXVq4EFWC15pVJyoTa0c7hbfQY1VxmXbtMXWDxVV4hx6VEx -RRopxLSkJhsijKUNsOm/FwsshLb07xK/uFEq8hFJcWcnuPd2D3X18Azt6ceVN9Ry -4CcYiVtjbb6mNVEBhoje1ILlO+yP2DdMvlFuozJ6qerQ2TqKUqMyoNvJ2zwhvSxi -p8N4xji5FnBAxm2+OOTFwO2de/3/4ieHC4sauTTjMToaJDSzADklZ6tVjqgPnkx1 -a1f2Lt3qqg8CsqZUV/DALhER8vuSipyM9Z1BJ6G3dw6CF24AjFYcwBQlFpZUiDjn -EKtj0yeafAGBuiDxi53ahlruGTO08j3Jevd0byA0I0pHQ7J4QPk= -=Hi6+ +klBVAw//e/Rs5M0ailcOhkuMewVQzT1zzs6R3dsnf7x3tp4xUMtGLisQV+Y65mwc +rYUvSuepjxxtYvUEtFBQowJkHATukuS8vBlmEgBtcUZL0zTVmBuV6VBbZUyeQMlP +DtoHU+Y2b3A8umvvY/OKIgFU1EvKoe/XTtWfnuyb0/inN4sry9e+WaCEIhfadzgj +RmiXUSLE0nEjYn6veBRkv2z1fzIiz0m9hL6QHIyzU+dNCLxYVIvZmjdgnPHSJcvc ++HH2ln+MiOLhdq0iNX6/yEEp8C+YKKG7DXbveLFcnHNio7FwiR0J3LV14xYsGTKd +0d4SFKMIgAiEyJk1PNKCS3lSlWdm6kLnHpnDJIsMrIaEX/bRtQt1F4DuPyEFwb8p +AFWavGQ50HHjvcA07Eul97chDP6Gma1OUMZ8vB0WAJMoUHYqoxnaPO+h8Li9vcPq +327zxYYNqDfgZn7g1JrF70x3cJDVlHNS4RcUk5O3FcTRgit2qc7Vc2uDrfdjfoB9 +fwMqOM+LqudQAUFAZ/TEzFH8O9siY/Mm0dI+v/hfMOas/e2XfyQL61noZcZlD9LK +YJNcZXyyFgFaAQXMhWPbEYhVg9+5xcBlyzsu1PLVVh07Wkm6wjHUaYP93d2+SlMH +reEHuSVV2GxoAf8w/VLiZ5Cwd87ikUeEzP13im09v2Y56IF7Ctk= +=MgZs -----END PGP SIGNATURE----- diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz index f70ab963dbcd..eb8249987c2f 100644 Binary files a/metadata/glsa/Manifest.files.gz and b/metadata/glsa/Manifest.files.gz differ diff --git a/metadata/glsa/glsa-202401-13.xml b/metadata/glsa/glsa-202401-13.xml new file mode 100644 index 000000000000..8b6fbe173b2d --- /dev/null +++ b/metadata/glsa/glsa-202401-13.xml @@ -0,0 +1,43 @@ + + + + FAAD2: Multiple Vulnerabilities + Multiple denial of service vulnerabilities have been found in FAAD2. + faad2 + 2024-01-10 + 2024-01-10 + 918558 + remote + + + 2.11.0 + 2.11.0 + + + +

FAAD2 is an open source MPEG-4 and MPEG-2 AAC decoder.

+ + +

Multiple vulnerabilities have been discovered in FAAD2. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All FAAD2 users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=media-libs/faad2-2.11.0" + + + + CVE-2023-38857 + CVE-2023-38858 + + ajak + graaff + \ No newline at end of file diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk index 31aef4586268..cd7f01691387 100644 --- a/metadata/glsa/timestamp.chk +++ b/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Wed, 10 Jan 2024 06:10:24 +0000 +Wed, 10 Jan 2024 12:40:21 +0000 diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit index a60608a945db..d342da0701b5 100644 --- a/metadata/glsa/timestamp.commit +++ b/metadata/glsa/timestamp.commit @@ -1 +1 @@ -17e2b155a748af5cd1276229d389b4641fec18c7 1704623514 2024-01-07T10:31:54+00:00 +a1eecf982df504f02f8b23c7cace982c168ea64b 1704887079 2024-01-10T11:44:39+00:00 -- cgit v1.2.3