From dbed051da899bbf15bd223d4aa40e913cc3c5b0f Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Fri, 9 Feb 2024 11:33:56 +0000 Subject: gentoo auto-resync : 09:02:2024 - 11:33:56 --- metadata/glsa/Manifest | 30 ++++++++++----------- metadata/glsa/Manifest.files.gz | Bin 565188 -> 565345 bytes metadata/glsa/glsa-202402-11.xml | 55 +++++++++++++++++++++++++++++++++++++++ metadata/glsa/timestamp.chk | 2 +- metadata/glsa/timestamp.commit | 2 +- 5 files changed, 72 insertions(+), 17 deletions(-) create mode 100644 metadata/glsa/glsa-202402-11.xml (limited to 'metadata/glsa') diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest index 7f7fe641b91a..3ca8a237d60a 100644 --- a/metadata/glsa/Manifest +++ b/metadata/glsa/Manifest @@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 565188 BLAKE2B 35f53a7f251713df50fcb7686e05bd9d32b5212c332acfb4f78810cfda409c59230202499f72410dca6d258aada2515c2e918fad341cbf357376890fc5ded7c1 SHA512 fad70ec1cb0f5ab8ebcba04d8007ecba54af8d22cd82a30f9a41b2ab8881ca037e0bb21c2fed295cb035a2ed0547d37975ced7975eba62e289894d58e57cb379 -TIMESTAMP 2024-02-09T03:10:12Z +MANIFEST Manifest.files.gz 565345 BLAKE2B 1fbe9353523b9cd6f4873acac72def7cd205ef6bf788193681314c1985f36e90edcc33239ff25df0c9af17acc27aca72171bd923dd1674094202ab8effd3c970 SHA512 2c08b34daf44727ce643bc8b45c50d332fb8f4fba4b5bff8c9fe76a04e0528b52b9211b6a000475c670debe9a84f1bbc512e636e01a6a450f72d8314638578e4 +TIMESTAMP 2024-02-09T11:10:17Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmXFl5RfFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmXGCBlfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klBcLA//RNQBBuFEU68O1KqJWePxR7mp06XXD69Fgz6dtzdpCklGlOYiLpM+MrqD -AYlz+AFYgusDy6r8xNOLGO0fq9nGVqTm3rlq8ywPl2sM15E63hb2iaPXTxJpvvnO -Qhzs2Z4Lk4eGVAIpynSlzPQHemVmdVGqGAD6LyDwHJQqgbxPXbpgiNNpyK0etnRn -LDlupCxFu7qnzowkRc2vaqUbvYEphrbJkvXpomv4aHxNO3jYtKYjVXN+QJnBYPUQ -m/Xla5ILFM4VMWvvE612dUKlf+kR25SuBOJnRGfLRcDNrypLx+nja9IG9swVo5UT -UaDBA1uOHbhs9HaNFNNMx2ttONtCrGfq+a6zUdOfsSOCAOt11V0y0lMBgy4I8Icj -cAoRlwz9W+1+Q5AdqIZj2aTto4j3YcNB27PUihXzgsx7wMgDRulLFRf7JlMdzoih -vKda3kTPk4qgSE1LoMBGl+wDeX/bTorEE5rQ85cAxZJCZZbIGo+uzl3DRLT4PgID -6lVjLz53hNzdsAET98izqf9Xd3T6jeri62iucCKeTiaIPC420TEJFVNjXnPusW7s -1kNB5Kvu6kImSkH2U0dUKmdPfIMjiXt/ysg9ba6i4eKTGSEGryxHCY89LyYjGw/W -lt5bFodBfLuxS2UAykqZd0sQ3I0ivEsZGZL4TPhwxwjpS/iEM5g= -=4vuO +klD3wA//ex4Z5mCyg3FTcZfY01DJAfoUAS0gxv8wJm+2fYUwsRm0O2yDHh1VDW4i +pBxXxHJmxQUNWhZLpQo0yHHQGWwiw/FoYCqexRnsp7Z/Sy6Odi/xmUDJ38taeTm6 +v1I/gwlX2EHxqV83/ybeJt5m5JUheZCNQFlWRs/gQtG+63t6S/h3F5+ZzCiam/NE +dF5BFHoYb5f3YtiltOMdcr7joo3rqLIPCZCwMkwReJLfCNYvGpR2e2TR8s4YkAOi +6WhDCAw70W3ND9v91lX7+PyoX+9gGQAmO2bVO8KCR3r0/IsSf1shLbqCKt6AYNI5 +oT+uw4vW854aobifsChxsHirf4Mlf8AvY4TRb44T0UrxDCbs8iSnkaqfgfjy6Aao +5SPr3+x8Vks90gH3VLSEsgubgbzCP17Lwy8T7syRG5o1Cj1v9Tk5ixoeuwkkffpo +gDMcv6+acG3K79iQ/dRQj8m049J4o868/u1gprXQa4ZWgj+m0dYREN5P37jj3MmZ +jR/Y1M+o93vfV0sa7mkdbZAIL3iEfXi97aIwVQ6jnfvIsQDWN20FSNXPPt6su26D +tR1+8wLMNBmK22j8liqlRU57bF0MB+1SDYyYJeEcVkxppGyjW5VvpCDG6SRtH2S6 +FTzxWxIRreGrt4phYB+MKDH/TvyCagI/ACy4pLqOMKpjrOptjJQ= +=NLPF -----END PGP SIGNATURE----- diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz index 3ef3b069a1bd..58f85a4a107b 100644 Binary files a/metadata/glsa/Manifest.files.gz and b/metadata/glsa/Manifest.files.gz differ diff --git a/metadata/glsa/glsa-202402-11.xml b/metadata/glsa/glsa-202402-11.xml new file mode 100644 index 000000000000..27cc1d01a72b --- /dev/null +++ b/metadata/glsa/glsa-202402-11.xml @@ -0,0 +1,55 @@ + + + + libxml2: Multiple Vulnerabilities + Multiple denial of service vulnerabilities have been found in libxml2. + libxml2 + 2024-02-09 + 2024-02-09 + 904202 + 905399 + 915351 + 923806 + remote + + + 2.12.5 + 2.12.5 + + + +

libxml2 is the XML C parser and toolkit developed for the GNOME project.

+ + +

Multiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All libxml2 users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.12.5" + + +

If you cannot update to libxml2-2.12 yet you can update to the latest 2.11 version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.11.7 =dev-libs/libxml2-2.11*" + + + + CVE-2023-28484 + CVE-2023-29469 + CVE-2023-45322 + CVE-2024-25062 + + ajak + graaff + \ No newline at end of file diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk index b04ff49dfe8e..a101c1ef04d6 100644 --- a/metadata/glsa/timestamp.chk +++ b/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Fri, 09 Feb 2024 03:10:08 +0000 +Fri, 09 Feb 2024 11:10:13 +0000 diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit index 54415f85eec3..cb1f66cb3cb8 100644 --- a/metadata/glsa/timestamp.commit +++ b/metadata/glsa/timestamp.commit @@ -1 +1 @@ -c7a3936d7b9a6b4a836663710ca581880d4d5130 1707039950 2024-02-04T09:45:50+00:00 +e85e47ba7c520c0a553d527c33c5c297cb8ff286 1707471442 2024-02-09T09:37:22+00:00 -- cgit v1.2.3