From c69eea8c84cee05e6ba332fd1f39cfb6554d5726 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 1 Aug 2022 21:16:25 +0100 Subject: gentoo auto-resync : 01:08:2022 - 21:16:25 --- metadata/glsa/Manifest | 30 +++++++++---------- metadata/glsa/Manifest.files.gz | Bin 518604 -> 518764 bytes metadata/glsa/glsa-202207-01.xml | 61 +++++++++++++++++++++++++++++++++++++++ metadata/glsa/timestamp.chk | 2 +- metadata/glsa/timestamp.commit | 2 +- 5 files changed, 78 insertions(+), 17 deletions(-) create mode 100644 metadata/glsa/glsa-202207-01.xml (limited to 'metadata/glsa') diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest index bed9fbc7da58..8322d6eb11f1 100644 --- a/metadata/glsa/Manifest +++ b/metadata/glsa/Manifest @@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 518604 BLAKE2B 771190ff87bcfe6702a19150591bf573a429c51546ab7bd3ae25f101a4ec657d93d6fb83f7cb3aa4055e581eab5fde9d88a73a604dc34f426cb30ebb4385af9b SHA512 0b5d0f14e5d6ec3ff896d9d472edea00620a08f552ffc5516b0264e609527cf65471ee37a5002559add52d5c1898b2b60d48c9e97e6d2451bd84bf24fd112ab4 -TIMESTAMP 2022-08-01T13:39:44Z +MANIFEST Manifest.files.gz 518764 BLAKE2B 800d8c605261a8d2ca31eca4bde7d3bb3f684de4f3181019daf03f289f18680c6d96f494d58f96fe4ad07cdd9e1d88375337c122e7b8e08a991332389d887299 SHA512 aedc41e29d7be49299b1cb0ff40f391a2deff64b9b55c25130ff0d38269f249b737b1d372d346ecfc163d0044fae33a0e164e57a26c205b60f17269607a8117b +TIMESTAMP 2022-08-01T19:39:46Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmLn16BfFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmLoLAJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klD5Cw/9HSsGlW/Ey2Fp9xFryPNr+UmDP0Hh8fuA6w/ZoRO9dJf47qXmBc/5zzwH -EZvvxUXP9otNG9eOaFbEPySxGMixcU7kNFQm3+LVzixFgPncJPvrzFjSNwTw74FG -/EtuGmZidPsE713JNua+vZumVH7RPLKouguaFFeALAd50rz52mJVKc6915ppdGU+ -iIBe1mn8e4iqtp9upJ3P4MvzJzjKWj12r8dF9FqZJdnieyJ2hGQqZnPEueJN3+j3 -Ok64q+w4Aui1A0JOuUpECcfLfzNh+pzd9hM0MjfdK+zVORQJnBrFNY/U+rzisVXg -yUZcvInGcAkCyKqhdpwmd8i5LXOpCY6gaTY/KzwKzORK575GoVNM74AF3NIoM3IA -fTEtsrNosMqnxthvviJh//+zHdZzzPIheWcDmNNAUao/Py4xTWIO2shHjEzT21SX -DGwsH9lviMnnqg2nt8n2wbfKO1gXudPOMzqk2QR2ebATaEvMe26fX4q+fZc1XHs4 -ulrq+f+6UfxXRoVVoZkiIOJsDD9JJJQESlZeAong1jjYLUhNQqsQZiueJmcIuGxj -15GuOBDHbMDJZCay2LjBYHXUbDzx3DHExIv3KISTb/JIKlEukea/pqTAciOvKw0s -iAHKeA29MpFE0CForerHlipag0VdlLw5b3N+lNSGk7L9ENICV18= -=ZXJC +klB7YBAArLMY7VswukN6d7NilVZakHYhgfNzVB5rSvFdFPi8VNw0ytyV3bmi6jsk +vsXRcO3dJGZkPvDHUFckhGudSdBXpq7ZfPKMIjzhUFoWrg5Xn0EqbMua6s6/sToQ +B9C20f8HHqoC04QXe3b40gB0kZmhiPJI5RUWT4NcYsUXAd33Duj2bXnD+ibDUiGb +kOH3tFm8507uIDuIAwKvm2xTZc836fCQnYmWnaUaEp8Vhc5EUj18tSjnbGkn02WH +fycjE6RelHAISeeQyL6fbCbhPN0MZr7oz7JiNGkT/Y1t8pb8dyGo0xvKmv5TcXyt +m5YwruY+td5R9jPERDP3dtVha4vQ9ThzaqZ5pJUOI2SCOD11kYYhNF6tuVEk1F6M +tUBA7zPQJWmSoFvKJTJRjXgEJMMva4PzC4nXBfi/mzaEBZykf8dgPiyFlnc4jqsy +p2adi2y3nGtpDTyXv2qIJfmSHUKJe8tdMvaS51d0ZQ+99F5tlGrZlRfhbpOuSZSB +2emw/8sMHyY8oODbXF32w1INGIRfOxjZlK7wRL9NVZUPC2E6XqRNCH4toPPrimFV +unT88VV5aqVl/ssOjAPa6UP30QN53U91ScZLd1FpCTmtooZaquU/if+nJ4gmC3UY +zB/z0UVtQFJKkz6SOZ1lVybvE9G1zbWXvnHPOpk3ZLpay10LY/k= +=TUxA -----END PGP SIGNATURE----- diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz index f971639f2c97..1f73abc83f0a 100644 Binary files a/metadata/glsa/Manifest.files.gz and b/metadata/glsa/Manifest.files.gz differ diff --git a/metadata/glsa/glsa-202207-01.xml b/metadata/glsa/glsa-202207-01.xml new file mode 100644 index 000000000000..ecb32ade076e --- /dev/null +++ b/metadata/glsa/glsa-202207-01.xml @@ -0,0 +1,61 @@ + + + + HashiCorp Vault: Multiple Vulnerabilities + Multiple vulnerabilities have been discovered in HashiCorp Vault, the worst of which could result in denial of service. + vault + 2022-07-29 + 2022-07-29 + 768312 + 797244 + 808093 + 817269 + 827945 + 829493 + 835070 + 845405 + remote + + + 1.10.3 + 1.10.3 + + + +

HashiCorp Vault is a tool for managing secrets.

+ + +

Multiple vulnerabilities have been discovered in HashiCorp Vault. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All HashiCorp Vault users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=app-admin/vault-1.10.3" + + + + CVE-2020-25594 + CVE-2021-27668 + CVE-2021-3024 + CVE-2021-3282 + CVE-2021-32923 + CVE-2021-37219 + CVE-2021-38553 + CVE-2021-38554 + CVE-2021-41802 + CVE-2021-43998 + CVE-2021-45042 + CVE-2022-25243 + CVE-2022-30689 + + ajak + ajak + \ No newline at end of file diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk index 93efb58b113a..e800822e105e 100644 --- a/metadata/glsa/timestamp.chk +++ b/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Mon, 01 Aug 2022 13:39:41 +0000 +Mon, 01 Aug 2022 19:39:42 +0000 diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit index 2e35e640c7ca..349124ae11e5 100644 --- a/metadata/glsa/timestamp.commit +++ b/metadata/glsa/timestamp.commit @@ -1 +1 @@ -57effa1a78ecfa61900fdedbc9401d0948141e99 1645484369 2022-02-21T22:59:29+00:00 +254c716d0dd35a6846f281fd4a3eaf970dc0bede 1659377108 2022-08-01T18:05:08+00:00 -- cgit v1.2.3