From b447ac3a6d1bb09ddb6a5686620670e223b37642 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sun, 1 Oct 2023 11:42:50 +0100 Subject: gentoo auto-resync : 01:10:2023 - 11:42:49 --- metadata/glsa/Manifest | 30 +++++++++++----------- metadata/glsa/Manifest.files.gz | Bin 548981 -> 549143 bytes metadata/glsa/glsa-202310-01.xml | 52 +++++++++++++++++++++++++++++++++++++++ metadata/glsa/timestamp.chk | 2 +- metadata/glsa/timestamp.commit | 2 +- 5 files changed, 69 insertions(+), 17 deletions(-) create mode 100644 metadata/glsa/glsa-202310-01.xml (limited to 'metadata/glsa') diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest index 4afe45d855db..0725ad594a64 100644 --- a/metadata/glsa/Manifest +++ b/metadata/glsa/Manifest @@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 548981 BLAKE2B 81700173ea02c0d006e3065367bd4b6801ae8e0cad7f0b23c4d86a41c1b860a4cbdeb3051fb86eb2d3f114b8ba0353d6e09e279718eed8ed2607a21c4e7ec67d SHA512 a987e0e64b2dbf1006cecbff251dc3524b4d244d2e54417a697139ac9ee5a97d21aefdfb0fb940e1890076d7fa18c793f4f7a60db6960004ade2253826320f19 -TIMESTAMP 2023-10-01T04:10:10Z +MANIFEST Manifest.files.gz 549143 BLAKE2B a22ba02cc8dd6e99745b4bf9665fd31ede4c7a9f7858402dcc10733f4379b39eb2b46414a0215d19a3e92fdf2a4a8edcafa50a7e2fab8928fb28fdb2a2ddc6c5 SHA512 dff106915559af2a3b9a9598542111eaa6559551fc8e315ee13b80b72381c1c8cede91a442e7800e758e8a4cbeabb47c418622deda467829666a2b973c53d917 +TIMESTAMP 2023-10-01T10:10:08Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmUY8SJfFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmUZRYBfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klB4TBAAmdvznLfPM7tHzvoZ64+m2mgfuaCj7nyve0NnX421WYiAeh8YrYOIN3Yb -u5RAzG7/7c5oZf3slTTgjEW5sjkVpry4GiY2b4jC1PFyQkL8eiPexgA2YgfPBkAP -feHXGuipKRR4q4Y+pnrPc1FWZjIPbyzR+lwGf8mBqoKjbFua+Zte6izdKiiftWEA -aZwPKdZFB9yfoYHdvqWht7mCpBUISZPE+AGEkxGX656WmE1mUabY6GT+ZVFb+zkL -uhzwE8SRRmqc6Pfy6e0Xrhvgppjk9eJZa1DEgqLG/DCPM6swTJXer24kLdx5vJwE -ABQNAvk4FAG8rP6a2bkPnWcoZ0gW440yZkbGw2RGaLEUXDXQcPI71SAjNz7SMYst -wVFG0dRx+iXViw5VqigaAC84YGXHWgxC/CpBE63OoS0pfxHDGI4oEP4aCBQNMuBk -2ixEjuPy0Fu1ImzDYjrh7vybV484aHRzFpOqCEhonCe9QPtVOhPgb3kPMtAvdjx1 -Gh1fJcdeV4AfGEuV7hdeTNOHUslkyDLgRgyWe3IlmtXzgQwyQM+FgJopylqSIVGK -lvjZdFOEQfCobQMao74ENvm7bqppPf48R7yV6XBB+KxwD8LTvoxpS4XTXoC2Uple -6YYNnhQU+7CIK03hFNnDUC5Y4MLfBa6cEf4c40KNOMmA4wFv14Q= -=iE0U +klDtdw/+KbtMaR1aPUZ9Cy7jdP2ryRZGPEYzRcnx3J05RuGjPI2Qd0Ny4hbkVqT6 +1N48GKaHd2PgiexIeZAGo3iY0aeH/uOUU4fI+1fBLxPwumqI5lK0i3la1GcC8vh0 +kMXPCc64juTx2hLmRPVjNyLcxwqqVg2ZR2Le/A8faXTXJbqHZFMcyw+JLdQZ+X6e +0140uW7NluipHyOfZBOAMHZfKHWIg5r7wSKklw3STv/3RfBrm8vIDk6HKEaEU6W/ +vFyAtk3Sj1aO/dQwQnz2s2+lOFCS6txni1baZOgM00KEYTB0w6xYE9q6pbiGMVvC +y4wmxUdm73d9th9cus8f1+NqfT+NBqus21h3y1ypedpkz7rtpHCaE8KdTzP638/4 +0tw/4hiPNnIS8YCoXO9jHh4tY6biBczXU8cW/MEUKBs0wzK57RzqwxRe5UnDwDqu +YlNlq5zqgaBTz/L11BXrn0tmS42NYG9eTvWY0qp6iJER0upModa6Q6dkDP7gsF2p +uVwmTh8HO2hVObwfOGp6iZAwvBaR6eghwLxA94/kilFU6Yeq/PD0O3r7px1EVlmx +IDsJcqVJTLZ3MVcHWrudX8Jr079kx7VCiA0TdjHeNLWbDJjc2dt4Hq9Pq5jdF5Wx +rJEa7NgbFa5vGgCTz3qEKAiUdHliTFImPsMqHLutvHy2EvZWdKI= +=+nTn -----END PGP SIGNATURE----- diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz index 0926db590859..2e8a131935d3 100644 Binary files a/metadata/glsa/Manifest.files.gz and b/metadata/glsa/Manifest.files.gz differ diff --git a/metadata/glsa/glsa-202310-01.xml b/metadata/glsa/glsa-202310-01.xml new file mode 100644 index 000000000000..fd23ee422c15 --- /dev/null +++ b/metadata/glsa/glsa-202310-01.xml @@ -0,0 +1,52 @@ + + + + ClamAV: Multiple Vulnerabilities + Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution. + clamav + 2023-10-01 + 2023-10-01 + 831083 + 842813 + 894672 + remote + + + 0.103.7 + 0.103.7 + + + +

ClamAV is a GPL virus scanner.

+ + +

Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All ClamAV users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.103.7" + + + + CVE-2022-20698 + CVE-2022-20770 + CVE-2022-20771 + CVE-2022-20785 + CVE-2022-20792 + CVE-2022-20796 + CVE-2022-20803 + CVE-2023-20032 + CVE-2023-20052 + + ajak + graaff + \ No newline at end of file diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk index 450a0c13d84f..272847ca0a95 100644 --- a/metadata/glsa/timestamp.chk +++ b/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Sun, 01 Oct 2023 04:10:08 +0000 +Sun, 01 Oct 2023 10:10:05 +0000 diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit index cfb882390115..e45c04ca216e 100644 --- a/metadata/glsa/timestamp.commit +++ b/metadata/glsa/timestamp.commit @@ -1 +1 @@ -de793de405f9e13d0d29d94de3f236ce0b5b3338 1696064247 2023-09-30T08:57:27+00:00 +de933a38b263b239206a394919eff4c8f72f835c 1696149575 2023-10-01T08:39:35+00:00 -- cgit v1.2.3