From f07d186050d4a6c9019e9185d7bed71727aeb1d9 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sat, 21 Jul 2018 19:15:15 +0100 Subject: gentoo resync : 21.07.2018 --- metadata/Manifest.gz | Bin 1986 -> 1987 bytes metadata/dtd/timestamp.chk | 2 +- metadata/glsa/Manifest | 30 +++++++++++------------ metadata/glsa/Manifest.files.gz | Bin 426775 -> 426937 bytes metadata/glsa/glsa-201807-01.xml | 49 ++++++++++++++++++++++++++++++++++++++ metadata/glsa/timestamp.chk | 2 +- metadata/glsa/timestamp.commit | 2 +- metadata/news/Manifest | 28 +++++++++++----------- metadata/news/timestamp.chk | 2 +- metadata/projects.xml | 26 -------------------- metadata/timestamp | 2 +- metadata/timestamp.chk | 2 +- metadata/timestamp.commit | 2 +- metadata/timestamp.x | 2 +- metadata/xml-schema/timestamp.chk | 2 +- 15 files changed, 87 insertions(+), 64 deletions(-) create mode 100644 metadata/glsa/glsa-201807-01.xml (limited to 'metadata') diff --git a/metadata/Manifest.gz b/metadata/Manifest.gz index c17cb239d822..62cc46f81f3c 100644 Binary files a/metadata/Manifest.gz and b/metadata/Manifest.gz differ diff --git a/metadata/dtd/timestamp.chk b/metadata/dtd/timestamp.chk index 5beff81f2f31..9a5288812662 100644 --- a/metadata/dtd/timestamp.chk +++ b/metadata/dtd/timestamp.chk @@ -1 +1 @@ -Sat, 14 Jul 2018 19:38:33 +0000 +Sat, 21 Jul 2018 17:38:23 +0000 diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest index 94f5cd90626f..7190e3eb9325 100644 --- a/metadata/glsa/Manifest +++ b/metadata/glsa/Manifest @@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 426775 BLAKE2B 0a924e893bc7d02fb872d05ff4b63ad4d237b75711b0c6a09d632bbc7eeb1a14506448cef5b376ba25b504b6e4c16d40d6662762ee100207b8ee92abf972340d SHA512 811f8949726f5f714f93c3522b7ae6b1eb5aad37a0229ee9d5f5ee0ddb8c5273a4f3b0d4055d44a1dbeed5fc458aeb2e5620e47889961d9b7a4e961c24e5877b -TIMESTAMP 2018-07-14T19:38:37Z +MANIFEST Manifest.files.gz 426937 BLAKE2B fd40fb2cce7e8bb9b86f11cc0b67099c90238f284b3a458c8153c050be8f5f23899e2d0a85dee8371053bc572661a4ef4f721c0fbfb7976cc36ee7c7480ac631 SHA512 829750d5237ed3b11ae3dc9afdaacd5fe79e390dedf6730a47ac29c7f64e7bcce35e880cc0e44d263a4b9a9ed0186d2e6503cec484fcd93b4c19afde5af0ab31 +TIMESTAMP 2018-07-21T17:38:26Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAltKUT1fFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAltTb5JfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klCKCQ/+J+S6xWydS/2LQQRpAZTOWx47DsXxJagvgnq+1xxp3Nmq07vfQ58ftq59 -nGmOZcxqr8tODbzLo4PZtpJhMp1cg8MANcp6weqFPPPvCLWhLjX/+xxihk+kQy2D -a8EG9SXTrVY5JvRE8ZNs61yiAK5+3BtxDi+JxwLK92/opvU1n36D/7UA3yPCkkkK -syONqOeh2gJHAYBrC7UN4+fk1DRyVPFjW5Pfja+MFUW/T7+PIeyQb35pCRywxeBK -GTHFBCf85bbSWUh3UoR9JCaZiNctcMJCdZ46roz13Upu2r+Gs9VJtytMrktzpGyg -dzk02LXTDXQuCHZC+W7BCKx+KLg3fJOHpwSUXFsaIzdt8SBgMdFgYhDy8uhmhSZi -LuyhSLn6IhfDfwddBsf7xjwjsk3Bq4a/MJbiaPsV1BRVrJEoyzVN5IoI/wvDUNez -KsTvoCsbqyF8Kbb8Ns2DEoX4qdxe8VqE4oEel3Wirgk58fnq2GGlbOehI3Aj2iDQ -X30eAvi1YOh0RDWeJcLiKiMKFhcsRyPr8WIU5EomKN64w1opqPYui0iKo54ZkaaH -JTLO3Ea7UX0s/9paLBokM5zq2yHQilB7Lu0kveFRUW/P3UDSTVRZi/5UKgbaicvT -l38lVChGn+U/c2VbswguoAX3bmCqHz9t9QHd4GU7Mn8hzVH5gaU= -=49RK +klDSoxAAnCXGfNS7/gfyCQn5HIvwG+CbL1A6m/KxJmulrcIdeytKv0RQ6aDlNI6t +1i5jj1ZvWlG4IaGStdmNZ5d00Qr2Fs6bCfJFHu7IPPSiW6799oEDjTsBDtj0bNJr +mCPLsAMM/SFgfs3h09a4H4+eQeE20sceP53ppicFlLGu98yUcVenmbos40Wn2+0u +vvinM8JxdwIXeVanBv/hpjiFuOGYIPQdV8Bb2TW+7+r9qacMOtmf/80y+dtoq0bt +JFPlluqlRjTz3mpmpJpkx4oIlQmI/6d5QnNnPWqRCkafk5renkiXNkuJl5SSNa1y +8uBgeC9ild8M50rHL0iFd64MnYc9mM2dyo2wRkDVlMpRK9eQmOGJWloXPafCxTg5 +OLnMlqLQz2aqMZiBEDK7YzpZXRe9rVPa0DTYUNeyJ61mdie6TpajdhyR86Wnz7H0 +ONwjOoEl+1+NwyCt719fJz/gkoZ6eVXY1Nn6BjCfHetI5iIkYcSbnN85mQ3kRLcf +V+Q0Bg7jPGbyQelNJQRlUq2LuasZyf+lUI0XBmKscTwhZ3apCN0axu4LJqe19gDP +KbZ4WT7lcv2prP7VkvdeLbLf9G3x9INCvIuPu8Y/ZwjyYQchw/AJaJ3TPui/v3tP +7H2FmjZiWPqamUVEEduTlJXOSfntzPetKOmjEyTRZWKsPtOxI6g= +=u1Ze -----END PGP SIGNATURE----- diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz index f740db1e7b5d..a924ccd14e63 100644 Binary files a/metadata/glsa/Manifest.files.gz and b/metadata/glsa/Manifest.files.gz differ diff --git a/metadata/glsa/glsa-201807-01.xml b/metadata/glsa/glsa-201807-01.xml new file mode 100644 index 000000000000..5a945f792950 --- /dev/null +++ b/metadata/glsa/glsa-201807-01.xml @@ -0,0 +1,49 @@ + + + + tqdm: Arbitrary code execution + A vulnerability in tqdm could allow remote attackers to execute + arbitrary code. + + tqdm + 2018-07-18 + 2018-07-18 + 636384 + remote + + + 4.23.3 + 4.23.3 + + + +

tqdm is a smart progress meter.

+ + +

A vulnerablility was discovered in tqdm._version that could allow a + malicious git log within the current working directory. +

+ + +

A remote attacker could execute arbitrary commands by enticing a user to + clone a crafted repo. +

+ + +

There is no known workaround at this time.

+ + +

All tqdm users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-python/tqdm-4.23.3" + + + + + CVE-2016-10075 + + b-man + irishluck83 + diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk index 5beff81f2f31..9a5288812662 100644 --- a/metadata/glsa/timestamp.chk +++ b/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Sat, 14 Jul 2018 19:38:33 +0000 +Sat, 21 Jul 2018 17:38:23 +0000 diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit index 371b226d6874..9cf5b169a530 100644 --- a/metadata/glsa/timestamp.commit +++ b/metadata/glsa/timestamp.commit @@ -1 +1 @@ -676a0a13a2c9c89e7a04d5a85550b5b48c25f9b4 1529809898 2018-06-24T03:11:38+00:00 +05c861bfc6df24f1e1d8bdfbeddfde0b268a1418 1531886373 2018-07-18T03:59:33+00:00 diff --git a/metadata/news/Manifest b/metadata/news/Manifest index 3da184b3c080..675cebb5fb7e 100644 --- a/metadata/news/Manifest +++ b/metadata/news/Manifest @@ -2,22 +2,22 @@ Hash: SHA512 MANIFEST Manifest.files.gz 19946 BLAKE2B 37c8e8da6d0a8ec1afb0d8130e6a0691b2337c561a7530993bc0d97dd6269ffedba2f21a2a2c3768d5c1ca61b5951708c71d2be3e169f99b0ebf7184cc931c64 SHA512 0bb16aaac12c9d78f051f6bdbcd26e1f27fbda2b373993607a770cb50b1617d861c7d394ada14a3620375b712f2fc4a8e199c1b94b59062b18e2d1cf6d090de1 -TIMESTAMP 2018-07-14T19:38:37Z +TIMESTAMP 2018-07-21T17:38:26Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAltKUT1fFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAltTb5JfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klAv5w/9HT1qNUPHcYjmRu1iCGroCNHhuPMt6gL6pDYSWYJXxZU0GIfGQqWTSn1/ -lCIlLKv7CYIk7mawrwKVGpEE6/iqDhEXxiETp302gg9bDcYeaOeNuKs2cuosL+rS -GUvcvhWKmWcb+PIrZwg+kKxTHzG/XXDPPVUR680THzQ1DSP2+hvBrGo8zg8uRROt -Nks0tIyLOgVtW+yFsmucZISy72t0JIXXG90N9hE/LXsu2C+ZJUnKUBESvWUHMdEZ -z9HVZIc1YhrJTxw1K4nEOiCZlxoxGiAqlW7yP69OxZS/Vt1cqMHZW+po9xxiNSOT -Umi7c927D7HbzZDeUqsGPQwGUJu+cF4ahv2JW+0cjX6Gff/BWFCDsIOnhQJ1i8Ma -FwZ/OmWH6wzT6q7JyF4N+uCRextFxWZg93Ga/5qz6N6FurQDSgASq/Qwxxzt8gtG -rO+bcJPgXaso2C6ohHZVJFWuhKCsBAsF06qVTAOWPExK59p972g2H+xbpWH3wpS9 -cLhj487Y4QjKUkq616dkWaeKTKfjKXRM+vib4FdS+uW93EUDAO0s1su63px624y3 -6e26laxs5z+zDm7S5veOOM9RiAwwheZo+B+4GSXc9PSALqq0zMRG1xWb/IFYcRx6 -xKxMM8634L5RKwFp8ubSoQkk6xEmRTJIZ5+eBuPJG9yN/8VsVZ0= -=WdMu +klDwYhAAkxNxvlNbASL/gunOjaWvgvRcWaCRKgC1lBkLxUzbWJagIiAa6bSIjp9b +LdTIuWS6mg9Tg9NAtOnNGC8eKH1n5mJd1eGldmcPWg4SgcGTzHnC07/G59udzhN3 +XZARtH/7BEOkcx0dnYlI24Exlc0kI3YUEmW7CEim+WLIGSGhJAvHwfb+j9PHZiOC +TxPX+x9+rhhdM9RxsV2DCX166OPIVvnrSXBKwvJLvNITJQH1oBTB6ykfs16jb7gg +QPOjgvdYmjPmF6JYntesbvw1R3k35RjNnZxv/3DH60yfUhdHtpGykuwh90O/+oj+ +d+aGhAIxabtZj2Hz5lHyFcI2OF9oQrITPdkq1oqNcv5N39UxKljNaSMA1SvxXdP1 +kpFGIM3IvPXoJmF4wdjdvIVqfKJSNcOdVBr1E6OJ1b/3769aTToSfUXEkYGDXmUu +HmqYrEravE+H6Bvw6QG8HR3xyMRz/lQgHDwVEa5oiR2hJNCwm6goUoM3EMO77drf +nilHajyj5++Qh26TyZTjatxmqaX20meVj6e3gVvrDtkJFB4DOLDXtB0xziU7bZ0u +riNIkl/nT9eQiboQ0Rdp4wnxcEM0iARgbnCImVjp5U+k17YZ5dPK/qqdi1PuGCm8 +2336LshTi5KzNN1rk7vvlJ5+8dmolWLkbCaJsuGKP++zdeZdUyo= +=uwlH -----END PGP SIGNATURE----- diff --git a/metadata/news/timestamp.chk b/metadata/news/timestamp.chk index 5beff81f2f31..9a5288812662 100644 --- a/metadata/news/timestamp.chk +++ b/metadata/news/timestamp.chk @@ -1 +1 @@ -Sat, 14 Jul 2018 19:38:33 +0000 +Sat, 21 Jul 2018 17:38:23 +0000 diff --git a/metadata/projects.xml b/metadata/projects.xml index 3fe6f92b9ffc..6846ff68df6f 100644 --- a/metadata/projects.xml +++ b/metadata/projects.xml @@ -348,10 +348,6 @@ floppym@gentoo.org Mike Gilbert - - hwoarang@gentoo.org - Markos Chandras - lu_zero@gentoo.org Luca Barbato @@ -823,10 +819,6 @@ Gentoo Desktop Miscellaneous Project https://wiki.gentoo.org/wiki/Project:Desktop_Miscellaneous Maintains various small utilities for X11 that do not fit any other category. - - hwoarang@gentoo.org - Markos Chandras - jer@gentoo.org Jeroen Roovers @@ -850,10 +842,6 @@ gokturk@gentoo.org Göktürk Yüksek - - hwoarang@gentoo.org - Markos Chandras - kensington@gentoo.org Michael Palimaka @@ -1824,11 +1812,6 @@ Chris Reffett Developer - - jmbsvicetto@gentoo.org - Jorge Manuel B. S. Vicetto - Developer - johu@gentoo.org Johannes Huber @@ -3291,11 +3274,6 @@ developers and volunteer mentors. Brian Dolbec Catalyst Lead - - hwoarang@gentoo.org - Markos Chandras - MIPS Release Coordinator - jmbsvicetto@gentoo.org Jorge Manuel B. S. Vicetto @@ -3904,10 +3882,6 @@ developers and volunteer mentors. Aaron Bauman Member - - hwoarang@gentoo.org - Markos Chandras - johu@gentoo.org Johannes Huber diff --git a/metadata/timestamp b/metadata/timestamp index e66da05731bc..be889728f4a4 100644 --- a/metadata/timestamp +++ b/metadata/timestamp @@ -1 +1 @@ -Sat Jul 14 19:38:33 UTC 2018 +Sat Jul 21 17:38:23 UTC 2018 diff --git a/metadata/timestamp.chk b/metadata/timestamp.chk index 5a86ff9a06c2..530745f291f7 100644 --- a/metadata/timestamp.chk +++ b/metadata/timestamp.chk @@ -1 +1 @@ -Sat, 14 Jul 2018 19:45:01 +0000 +Sat, 21 Jul 2018 17:45:01 +0000 diff --git a/metadata/timestamp.commit b/metadata/timestamp.commit index f2f57d2a8432..51f4aee81d56 100644 --- a/metadata/timestamp.commit +++ b/metadata/timestamp.commit @@ -1 +1 @@ -7cb12e41fb9ad7c68edacfe5d3f7509c912ca2c8 1531596732 2018-07-14T19:32:12+00:00 +a27d82f3f029ea20dde03a7d9e55577af53fde03 1532194235 2018-07-21T17:30:35+00:00 diff --git a/metadata/timestamp.x b/metadata/timestamp.x index b45d93c2ace0..60c3183c993c 100644 --- a/metadata/timestamp.x +++ b/metadata/timestamp.x @@ -1 +1 @@ -1531596901 Sat 14 Jul 2018 07:35:01 PM UTC +1532194501 Sat 21 Jul 2018 05:35:01 PM UTC diff --git a/metadata/xml-schema/timestamp.chk b/metadata/xml-schema/timestamp.chk index 5beff81f2f31..9a5288812662 100644 --- a/metadata/xml-schema/timestamp.chk +++ b/metadata/xml-schema/timestamp.chk @@ -1 +1 @@ -Sat, 14 Jul 2018 19:38:33 +0000 +Sat, 21 Jul 2018 17:38:23 +0000 -- cgit v1.2.3