diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2021-07-08 15:03:58 +0100 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2021-07-08 15:03:58 +0100 |
| commit | 814f4cf860e299a046b649eaee5463427984c09c (patch) | |
| tree | 74c45f097899310e599dad6b8df5b63e0f085bc0 /metadata/glsa | |
| parent | 7f0ccc917c7abe6223784c703d86cd14755691fb (diff) | |
gentoo resync : 08.07.2021
Diffstat (limited to 'metadata/glsa')
| -rw-r--r-- | metadata/glsa/Manifest | 30 | ||||
| -rw-r--r-- | metadata/glsa/Manifest.files.gz | bin | 509689 -> 512077 bytes | |||
| -rw-r--r-- | metadata/glsa/glsa-202107-05.xml | 58 | ||||
| -rw-r--r-- | metadata/glsa/glsa-202107-06.xml | 119 | ||||
| -rw-r--r-- | metadata/glsa/glsa-202107-07.xml | 54 | ||||
| -rw-r--r-- | metadata/glsa/glsa-202107-08.xml | 48 | ||||
| -rw-r--r-- | metadata/glsa/glsa-202107-09.xml | 80 | ||||
| -rw-r--r-- | metadata/glsa/glsa-202107-10.xml | 51 | ||||
| -rw-r--r-- | metadata/glsa/glsa-202107-11.xml | 47 | ||||
| -rw-r--r-- | metadata/glsa/glsa-202107-12.xml | 51 | ||||
| -rw-r--r-- | metadata/glsa/glsa-202107-13.xml | 52 | ||||
| -rw-r--r-- | metadata/glsa/glsa-202107-14.xml | 51 | ||||
| -rw-r--r-- | metadata/glsa/glsa-202107-15.xml | 50 | ||||
| -rw-r--r-- | metadata/glsa/glsa-202107-16.xml | 65 | ||||
| -rw-r--r-- | metadata/glsa/glsa-202107-17.xml | 48 | ||||
| -rw-r--r-- | metadata/glsa/glsa-202107-18.xml | 53 | ||||
| -rw-r--r-- | metadata/glsa/glsa-202107-19.xml | 48 | ||||
| -rw-r--r-- | metadata/glsa/timestamp.chk | 2 | ||||
| -rw-r--r-- | metadata/glsa/timestamp.commit | 2 |
19 files changed, 892 insertions, 17 deletions
diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest index 7ed09b67e1cd..7f2cd84f9c73 100644 --- a/metadata/glsa/Manifest +++ b/metadata/glsa/Manifest @@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 509689 BLAKE2B 008f2727db3daaad82d33cf5bd9a0f31dfe5f022adbb31b1f1fb412a0b82ff9436ee7889f7c470eb35b1631c3d998e632afcda789463ed2e8d9369bfa67f44de SHA512 7b3c6332ef44039841113d497a4cacf9d24a61b0ec7037af206ebc290571ee789c5cbc956bb71b0437250e5d305759a3f91ed4d82c58a810e1f909f68efb5647 -TIMESTAMP 2021-07-03T21:09:08Z +MANIFEST Manifest.files.gz 512077 BLAKE2B b3a851fed4ec119529da478b2c6ab640c467b59cd6ed71ff2f31dfb0a9c99957f51e497a53950da01067cd032428548811b642889d9279a9955dbf64efffd2ce SHA512 7112ff989d4e2884b7e474492ed51f97f63f207d184a4ebe02216b0e52b94bf603a95397cb7a6644dd2c462634f0537399957d0d097ff499b816c78955fc2f22 +TIMESTAMP 2021-07-08T13:39:14Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmDg0fRfFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmDnAAJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klC53xAAknouPnB60yx83ThXuzlN+9Vj4dgYO7RJTX4ZcNX2MTfUqUJOt+BlP14L -eu3HSQe5QxbZY/yqoVfwnHYfiMmgqiO35FufpuboXQLpQyO9P3CY5zkHIiZk2Mlb -L+zGB/wgFouq/nz4v/Q+FmMxdYrfM94sIDC3VeQkgp0ZBKd5tMKq2Op2ZSSP59z/ -Xi2sAJXQjhCkEgPn+bFqX4BqE25QyGUG4f/90FFP4gbidRp7sKtRi3Tpgn9soh/e -UtcuUHgN3UMJlhU8p/LZZU0FUR16Ca42L6KliUbyUkt235ONc5qWWaXdZvjaiWko -COpur7pmfTJs3kaLRM5wbdh3Sg8XbLmn6aYwQ0mLSu4ocE8kIDVrzrwo116g0NMk -nXMNismb2whxAnTTwkWVapyzSgqKfhkC1fPrsIpQew6MSBN4FC1edV7xI1fl5n8U -g109EzhTEIeqH9bjUHtyKAV6iQXRY5q5VY2iul0DyPTL7u0B7zYR+b/EdKYEtww+ -TT4Dg4hP5MgknuR6ERBtg0hEWxRkYAjRAyxLxUMElIB8zLHd2aUKcb95zzgZsJx1 -huJE68E1Pv5kJ2DXBDUR1qY/Y/zUZhGDo7AO00AWJtE1Qd+YhSLEuD6D4+/lvZmh -Mc5oUwCq3bNlHE8gKDrb5ioeFmqG/j4ZuKokJ+FWF7lFZ4i0oAQ= -=/mfk +klANhQ/9HGufwoJIrfVn1rrOtTclE5+g2CX8iPECUNRY9XRMoLABFbvsUzdnQL8j +lFrUlsMEKtm5jamyeMoHwtWWtXgXzrifSgUAZ7Qv9u8c9mAKBBvsVhrTIhI7GAAo +Gny4YCPFnrUvobhVinSMWo5UnN5JG6aXvgIikzw8p6/k/Vb85sEVoU600LHcF919 +DfsszgGPQczxEW3RF67wgCD34/QlwLjCbNGf1p8VX/EAOrCKkMEF4CT6vImEO7ph +lVo2TcoPSjBiNWzbhhNFgGSyhxtscp6uxTKxCZSCochfC6eeYABq0ZwRKKxEWkkf +gPfvAlj8sSExN/cjc345DOde6b8yYqFZcMXrxuBVNxlyTBTwURqNsazq2p8xRvZU +HvKOoOfD8ZTnhHvEbs+FS8beHIltARIJ4aI1bM+SwYPu2tAVxNIlhkNobPwaCsod +LsRAywPUsvkMAjLDKCEUOWM8/LlevHwC8RrKDNdZLHD+WyI0/tbEH3ubx+DEsTU2 +ynFgqDIUFI8re77D+7WZTEL1wNTNm6DmiAHpfetvBywrq6dzV0w1IkJVHE9SHZ4O +U+CwUOMse8aK++i2N9btjPxYhA8ZzfHpXwxnoXEl+q2jC3PTkl09bE1DM9B+Nqp6 +hg8Rb9IX2grC6Tn1urxv+75hkAaEK1reh9tKLh5l2oXk8gI4ZTg= +=8BwF -----END PGP SIGNATURE----- diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz Binary files differindex 92b8d40924f6..a1398261b9ab 100644 --- a/metadata/glsa/Manifest.files.gz +++ b/metadata/glsa/Manifest.files.gz diff --git a/metadata/glsa/glsa-202107-05.xml b/metadata/glsa/glsa-202107-05.xml new file mode 100644 index 000000000000..292c32b550aa --- /dev/null +++ b/metadata/glsa/glsa-202107-05.xml @@ -0,0 +1,58 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202107-05"> + <title>libxml2: Multiple vulnerabilities</title> + <synopsis>Multiple vulnerabilities have been found in libxml2, the worst of + which could result in a Denial of Service condition. + </synopsis> + <product type="ebuild">libxml2</product> + <announced>2021-07-06</announced> + <revised count="1">2021-07-06</revised> + <bug>749849</bug> + <bug>790002</bug> + <access>local, remote</access> + <affected> + <package name="dev-libs/libxml2" auto="yes" arch="*"> + <unaffected range="ge">2.9.11</unaffected> + <vulnerable range="lt">2.9.11</vulnerable> + </package> + </affected> + <background> + <p>libxml2 is the XML (eXtended Markup Language) C parser and toolkit + initially developed for the GNOME project. + </p> + </background> + <description> + <p>Multiple vulnerabilities have been discovered in libxml2. Please review + the CVE identifiers referenced below for details. + </p> + </description> + <impact type="low"> + <p>A remote attacker could entice a user to process a specially crafted XML + document using an application linked against libxml2, possibly resulting + in a Denial of Service condition or obtaining sensitive information. + </p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All libxml2 users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.9.12-r3" + </code> + + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-24977">CVE-2020-24977</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3516">CVE-2021-3516</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3517">CVE-2021-3517</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3518">CVE-2021-3518</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3537">CVE-2021-3537</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3541">CVE-2021-3541</uri> + </references> + <metadata tag="requester" timestamp="2021-05-24T00:17:09Z">whissi</metadata> + <metadata tag="submitter" timestamp="2021-07-06T03:13:56Z">whissi</metadata> +</glsa> diff --git a/metadata/glsa/glsa-202107-06.xml b/metadata/glsa/glsa-202107-06.xml new file mode 100644 index 000000000000..369536037a98 --- /dev/null +++ b/metadata/glsa/glsa-202107-06.xml @@ -0,0 +1,119 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202107-06"> + <title>Chromium, Google Chrome: Multiple vulnerabilities</title> + <synopsis>Multiple vulnerabillities have been found in Chromium and Google + Chrome, the worst of which could allow remote attackers to execute + arbitrary code. + </synopsis> + <product type="ebuild">google-chrome,chromium</product> + <announced>2021-07-06</announced> + <revised count="1">2021-07-06</revised> + <bug>789420</bug> + <bug>792084</bug> + <bug>795204</bug> + <bug>796338</bug> + <bug>796521</bug> + <access>remote</access> + <affected> + <package name="www-client/google-chrome" auto="yes" arch="*"> + <unaffected range="ge">91.0.4472.114</unaffected> + <vulnerable range="lt">91.0.4472.114</vulnerable> + </package> + <package name="www-client/chromium" auto="yes" arch="*"> + <unaffected range="ge">91.0.4472.114</unaffected> + <vulnerable range="lt">91.0.4472.114</vulnerable> + </package> + </affected> + <background> + <p>Chromium is an open-source browser project that aims to build a safer, + faster, and more stable way for all users to experience the web. + </p> + + <p>Google Chrome is one fast, simple, and secure browser for all your + devices. + </p> + </background> + <description> + <p>Multiple vulnerabilities have been discovered in Chromium and Google + Chrome. Please review the CVE identifiers referenced below for details. + </p> + </description> + <impact type="high"> + <p>A remote attacker could execute arbitrary code, escalate privileges, + obtain sensitive information, spoof a URL or cause a Denial of Service + condition. + </p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All Google Chrome users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose + ">=www-client/google-chrome-91.0.4472.114" + </code> + + <p>All Chromium users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose + ">=www-client/chromium-91.0.4472.114" + </code> + + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30506">CVE-2021-30506</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30507">CVE-2021-30507</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30508">CVE-2021-30508</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30509">CVE-2021-30509</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30510">CVE-2021-30510</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30511">CVE-2021-30511</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30512">CVE-2021-30512</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30513">CVE-2021-30513</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30514">CVE-2021-30514</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30515">CVE-2021-30515</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30516">CVE-2021-30516</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30517">CVE-2021-30517</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30518">CVE-2021-30518</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30519">CVE-2021-30519</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30520">CVE-2021-30520</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30521">CVE-2021-30521</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30522">CVE-2021-30522</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30523">CVE-2021-30523</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30524">CVE-2021-30524</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30525">CVE-2021-30525</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30526">CVE-2021-30526</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30527">CVE-2021-30527</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30528">CVE-2021-30528</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30530">CVE-2021-30530</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30531">CVE-2021-30531</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30532">CVE-2021-30532</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30533">CVE-2021-30533</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30534">CVE-2021-30534</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30536">CVE-2021-30536</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30537">CVE-2021-30537</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30538">CVE-2021-30538</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30539">CVE-2021-30539</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30540">CVE-2021-30540</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30544">CVE-2021-30544</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30545">CVE-2021-30545</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30546">CVE-2021-30546</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30548">CVE-2021-30548</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30549">CVE-2021-30549</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30550">CVE-2021-30550</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30551">CVE-2021-30551</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30552">CVE-2021-30552</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30553">CVE-2021-30553</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30554">CVE-2021-30554</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30555">CVE-2021-30555</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30556">CVE-2021-30556</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30557">CVE-2021-30557</uri> + </references> + <metadata tag="requester" timestamp="2021-07-05T03:25:38Z">ajak</metadata> + <metadata tag="submitter" timestamp="2021-07-06T03:30:34Z">ajak</metadata> +</glsa> diff --git a/metadata/glsa/glsa-202107-07.xml b/metadata/glsa/glsa-202107-07.xml new file mode 100644 index 000000000000..9a915ff4592f --- /dev/null +++ b/metadata/glsa/glsa-202107-07.xml @@ -0,0 +1,54 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202107-07"> + <title>glibc: Multiple vulnerabilities</title> + <synopsis>Multiple vulnerabilities in glibc could result in Denial of + Service. + </synopsis> + <product type="ebuild">glibc</product> + <announced>2021-07-06</announced> + <revised count="1">2021-07-06</revised> + <bug>764176</bug> + <bug>767718</bug> + <bug>772425</bug> + <bug>792261</bug> + <access>local, remote</access> + <affected> + <package name="sys-libs/glibc" auto="yes" arch="*"> + <unaffected range="ge">2.33-r1</unaffected> + <vulnerable range="lt">2.33-r1</vulnerable> + </package> + </affected> + <background> + <p>glibc is a package that contains the GNU C library.</p> + </background> + <description> + <p>Multiple vulnerabilities have been discovered in glibc. Please review + the CVE identifiers referenced below for details. + </p> + </description> + <impact type="normal"> + <p>An attacker could cause a possible Denial of Service condition.</p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All glibc users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=sys-libs/glibc-2.33-r1" + </code> + + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-25013">CVE-2019-25013</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27618">CVE-2020-27618</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-27645">CVE-2021-27645</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3326">CVE-2021-3326</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-33574">CVE-2021-33574</uri> + </references> + <metadata tag="requester" timestamp="2021-07-05T02:27:53Z">ajak</metadata> + <metadata tag="submitter" timestamp="2021-07-06T03:37:10Z">ajak</metadata> +</glsa> diff --git a/metadata/glsa/glsa-202107-08.xml b/metadata/glsa/glsa-202107-08.xml new file mode 100644 index 000000000000..07a104b936be --- /dev/null +++ b/metadata/glsa/glsa-202107-08.xml @@ -0,0 +1,48 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202107-08"> + <title>PostSRSd: Denial of service</title> + <synopsis>Multiple vulnerabilities in PostSRSd could lead to a Denial of + Service condition. + </synopsis> + <product type="ebuild">postsrsd</product> + <announced>2021-07-06</announced> + <revised count="1">2021-07-06</revised> + <bug>760821</bug> + <bug>793674</bug> + <access>remote</access> + <affected> + <package name="mail-filter/postsrsd" auto="yes" arch="*"> + <unaffected range="ge">1.11</unaffected> + <vulnerable range="lt">1.11</vulnerable> + </package> + </affected> + <background> + <p>PostSRSd is a Postfix sender rewriting scheme daemon</p> + </background> + <description> + <p>Multiple vulnerabilities have been discovered in PostSRSd. Please review + the CVE identifiers referenced below for details. + </p> + </description> + <impact type="normal"> + <p>An attacker could cause a possible Denial of Service condition.</p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All postsrsd users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=mail-filter/postsrsd-1.11" + </code> + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35573">CVE-2020-35573</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-35525">CVE-2021-35525</uri> + </references> + <metadata tag="requester" timestamp="2021-02-20T19:48:10Z">whissi</metadata> + <metadata tag="submitter" timestamp="2021-07-06T03:43:40Z">ajak</metadata> +</glsa> diff --git a/metadata/glsa/glsa-202107-09.xml b/metadata/glsa/glsa-202107-09.xml new file mode 100644 index 000000000000..355d53f8722a --- /dev/null +++ b/metadata/glsa/glsa-202107-09.xml @@ -0,0 +1,80 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202107-09"> + <title>Mozilla Firefox: Multiple vulnerabilities</title> + <synopsis>Multiple vulnerabilities have been found in Mozilla Firefox, the + worst of which could result in the arbitrary execution of code. + </synopsis> + <product type="ebuild">firefox</product> + <announced>2021-07-07</announced> + <revised count="1">2021-07-07</revised> + <bug>794082</bug> + <access>local, remote</access> + <affected> + <package name="www-client/firefox" auto="yes" arch="*"> + <unaffected range="ge" slot="0/esr78">78.11.0</unaffected> + <unaffected range="ge">89.0</unaffected> + <vulnerable range="lt">89.0</vulnerable> + </package> + <package name="www-client/firefox-bin" auto="yes" arch="*"> + <unaffected range="ge" slot="0/esr78">78.11.0</unaffected> + <unaffected range="ge">89.0</unaffected> + <vulnerable range="lt">89.0</vulnerable> + </package> + </affected> + <background> + <p>Mozilla Firefox is a popular open-source web browser from the Mozilla + project. + </p> + </background> + <description> + <p>Multiple vulnerabilities have been discovered in Mozilla Firefox. Please + review the CVE identifiers referenced below for details. + </p> + </description> + <impact type="normal"> + <p>Please review the referenced CVE identifiers for details.</p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All Mozilla Firefox ESR users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/firefox-78.11.0" + </code> + + <p>All Mozilla Firefox ESR binary users should upgrade to the latest + version: + </p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-78.11.0" + </code> + + <p>All Mozilla Firefox users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/firefox-89.0" + </code> + + <p>All Mozilla Firefox binary users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-89.0" + </code> + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29959">CVE-2021-29959</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29960">CVE-2021-29960</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29961">CVE-2021-29961</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29966">CVE-2021-29966</uri> + </references> + <metadata tag="requester" timestamp="2021-07-06T03:15:54Z">sam_c</metadata> + <metadata tag="submitter" timestamp="2021-07-07T07:46:37Z">sam_c</metadata> +</glsa> diff --git a/metadata/glsa/glsa-202107-10.xml b/metadata/glsa/glsa-202107-10.xml new file mode 100644 index 000000000000..b271ec42cba4 --- /dev/null +++ b/metadata/glsa/glsa-202107-10.xml @@ -0,0 +1,51 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202107-10"> + <title>TCG TPM2 Software Stack: Information disclosure</title> + <synopsis>A bug in TCG TPM2 Software Stack may result in information + disclosure to a local attacker. + </synopsis> + <product type="ebuild">tpm2-tss</product> + <announced>2021-07-07</announced> + <revised count="1">2021-07-07</revised> + <bug>746563</bug> + <access>local</access> + <affected> + <package name="app-crypt/tpm2-tss" auto="yes" arch="*"> + <unaffected range="ge">2.4.3</unaffected> + <vulnerable range="lt">2.4.3</vulnerable> + </package> + </affected> + <background> + <p>TCG TPM2 Software Stack is a library to interface with trusted platform + modules. + </p> + </background> + <description> + <p>TCG TPM2 Software Stack did not appropriately apply FAPI policies to + protect data encrypted with the trusted platform module. + </p> + </description> + <impact type="normal"> + <p>Data encrypted using TCG TPM2 Software Stack (tpm2-tss) may not be + protected from an attacker. + </p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All tpm2-tss users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=app-crypt/tpm2-tss-2.4.3" + </code> + + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-24455">CVE-2020-24455</uri> + </references> + <metadata tag="requester" timestamp="2021-05-24T14:04:16Z">whissi</metadata> + <metadata tag="submitter" timestamp="2021-07-07T07:58:39Z">whissi</metadata> +</glsa> diff --git a/metadata/glsa/glsa-202107-11.xml b/metadata/glsa/glsa-202107-11.xml new file mode 100644 index 000000000000..33c7a57948fd --- /dev/null +++ b/metadata/glsa/glsa-202107-11.xml @@ -0,0 +1,47 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202107-11"> + <title>OpenDoas: Insufficient environment filtering</title> + <synopsis>A vulnerability in OpenDoas could lead to privilege escalation.</synopsis> + <product type="ebuild">doas</product> + <announced>2021-07-07</announced> + <revised count="1">2021-07-07</revised> + <bug>767781</bug> + <access>local</access> + <affected> + <package name="app-admin/doas" auto="yes" arch="*"> + <unaffected range="ge">6.8.1</unaffected> + <vulnerable range="lt">6.8.1</vulnerable> + </package> + </affected> + <background> + <p>OpenDoas allows users to run commands as other users.</p> + </background> + <description> + <p>OpenDoas does not properly filter the PATH variable from the resulting + shell after escalating privileges. + </p> + </description> + <impact type="normal"> + <p>A local attacker with control of a user’s PATH variable could escalate + privileges if that user uses OpenDoas with a poisoned PATH variable. + </p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All OpenDoas users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=app-admin/doas-6.8.1" + </code> + + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-25016">CVE-2019-25016</uri> + </references> + <metadata tag="requester" timestamp="2021-05-30T16:48:56Z">ajak</metadata> + <metadata tag="submitter" timestamp="2021-07-07T07:59:33Z">ajak</metadata> +</glsa> diff --git a/metadata/glsa/glsa-202107-12.xml b/metadata/glsa/glsa-202107-12.xml new file mode 100644 index 000000000000..3dc6bc469258 --- /dev/null +++ b/metadata/glsa/glsa-202107-12.xml @@ -0,0 +1,51 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202107-12"> + <title>Schism Tracker: Multiple vulnerabilities</title> + <synopsis>Multiple vulnerabilities have been found in Schism Tracker, the + worst of which could result in denial of service. + </synopsis> + <product type="ebuild">schismtracker</product> + <announced>2021-07-07</announced> + <revised count="1">2021-07-07</revised> + <bug>711210</bug> + <access>local</access> + <affected> + <package name="media-sound/schismtracker" auto="yes" arch="*"> + <unaffected range="ge">20190805</unaffected> + <vulnerable range="lt">20190805</vulnerable> + </package> + </affected> + <background> + <p>Schism Tracker is a free implementation of Impulse Tracker, a tool used + to create high quality music. + </p> + </background> + <description> + <p>Multiple vulnerabilities have been discovered in Schism Tracker. Please + review the CVE identifiers referenced below for details. + </p> + </description> + <impact type="low"> + <p>Please review the referenced CVE identifiers for details.</p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All Schism Tracker users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose + ">=media-sound/schismtracker-20190805" + </code> + + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-14465">CVE-2019-14465</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-14523">CVE-2019-14523</uri> + </references> + <metadata tag="requester" timestamp="2021-06-02T11:30:32Z">whissi</metadata> + <metadata tag="submitter" timestamp="2021-07-07T08:00:28Z">whissi</metadata> +</glsa> diff --git a/metadata/glsa/glsa-202107-13.xml b/metadata/glsa/glsa-202107-13.xml new file mode 100644 index 000000000000..bb98e4f0139c --- /dev/null +++ b/metadata/glsa/glsa-202107-13.xml @@ -0,0 +1,52 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202107-13"> + <title>GLib: Multiple vulnerabilities</title> + <synopsis>Multiple vulnerabilities have been found in GLib, the worst of + which could result in the arbitrary execution of code. + </synopsis> + <product type="ebuild">glib</product> + <announced>2021-07-07</announced> + <revised count="1">2021-07-07</revised> + <bug>768753</bug> + <bug>775632</bug> + <access>local, remote</access> + <affected> + <package name="dev-libs/glib" auto="yes" arch="*"> + <unaffected range="ge">2.66.8</unaffected> + <vulnerable range="lt">2.66.8</vulnerable> + </package> + </affected> + <background> + <p>GLib is a library providing a number of GNOME’s core objects and + functions. + </p> + </background> + <description> + <p>Multiple vulnerabilities have been discovered in GLib. Please review the + CVE identifiers referenced below for details. + </p> + </description> + <impact type="normal"> + <p>Please review the referenced CVE identifiers for details.</p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All GLib users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-libs/glib-2.66.8" + </code> + + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-27218">CVE-2021-27218</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-27219">CVE-2021-27219</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28153">CVE-2021-28153</uri> + </references> + <metadata tag="requester" timestamp="2021-05-24T01:51:26Z">whissi</metadata> + <metadata tag="submitter" timestamp="2021-07-07T08:01:06Z">whissi</metadata> +</glsa> diff --git a/metadata/glsa/glsa-202107-14.xml b/metadata/glsa/glsa-202107-14.xml new file mode 100644 index 000000000000..5a10a179d0c8 --- /dev/null +++ b/metadata/glsa/glsa-202107-14.xml @@ -0,0 +1,51 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202107-14"> + <title>rclone: Weak random number generation</title> + <synopsis>rclone uses weak random number generation such that generated + passwords can be easily cracked. + </synopsis> + <product type="ebuild">rclone</product> + <announced>2021-07-08</announced> + <revised count="1">2021-07-08</revised> + <bug>755638</bug> + <access>local</access> + <affected> + <package name="net-misc/rclone" auto="yes" arch="*"> + <unaffected range="ge">1.53.3</unaffected> + <vulnerable range="lt">1.53.3</vulnerable> + </package> + </affected> + <background> + <p>rclone is a problem to sync files to and from various cloud storage + providers. + </p> + </background> + <description> + <p>Passwords generated with rclone were insecurely generated and are + vulnerable to brute force attacks. + </p> + </description> + <impact type="normal"> + <p>Data kept secret with a password generated by rclone may be disclosed to + a local attacker. + </p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All rclone users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=net-misc/rclone-1.53.3" + </code> + + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28924">CVE-2020-28924</uri> + </references> + <metadata tag="requester" timestamp="2021-05-31T20:48:28Z">whissi</metadata> + <metadata tag="submitter" timestamp="2021-07-08T03:19:54Z">ajak</metadata> +</glsa> diff --git a/metadata/glsa/glsa-202107-15.xml b/metadata/glsa/glsa-202107-15.xml new file mode 100644 index 000000000000..79b937641f54 --- /dev/null +++ b/metadata/glsa/glsa-202107-15.xml @@ -0,0 +1,50 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202107-15"> + <title>blktrace: Buffer overflow</title> + <synopsis>A buffer overflow in blktrace might allow arbitrary code execution.</synopsis> + <product type="ebuild">blktrace</product> + <announced>2021-07-08</announced> + <revised count="1">2021-07-08</revised> + <bug>655146</bug> + <access>local, remote</access> + <affected> + <package name="sys-block/blktrace" auto="yes" arch="*"> + <unaffected range="ge">1.2.0_p20210419122502</unaffected> + <vulnerable range="lt">1.2.0_p20210419122502</vulnerable> + </package> + </affected> + <background> + <p>blktrace shows detailed information about what is happening on a block + device IO queue. + </p> + </background> + <description> + <p>A crafted file could cause a buffer overflow in the ‘dev_map_read’ + function because the device and devno arrays are too small. + </p> + </description> + <impact type="normal"> + <p>A remote attacker could entice a user to open a specially crafted file + using blktrace, possibly resulting in execution of arbitrary code with + the privileges of the process or a Denial of Service condition. + </p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All blktrace users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose + ">=sys-block/blktrace-1.2.0_p20210419122502" + </code> + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-10689">CVE-2018-10689</uri> + </references> + <metadata tag="requester" timestamp="2021-07-06T00:11:19Z">ajak</metadata> + <metadata tag="submitter" timestamp="2021-07-08T03:29:36Z">ajak</metadata> +</glsa> diff --git a/metadata/glsa/glsa-202107-16.xml b/metadata/glsa/glsa-202107-16.xml new file mode 100644 index 000000000000..389a5b9374de --- /dev/null +++ b/metadata/glsa/glsa-202107-16.xml @@ -0,0 +1,65 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202107-16"> + <title>Privoxy: Multiple vulnerabilities</title> + <synopsis>Multiple vulnerabilities have been found in Privoxy, the worst of + which could result in Denial of Service. + </synopsis> + <product type="ebuild">privoxy</product> + <announced>2021-07-08</announced> + <revised count="1">2021-07-08</revised> + <bug>758428</bug> + <bug>768096</bug> + <bug>771960</bug> + <access>remote</access> + <affected> + <package name="net-proxy/privoxy" auto="yes" arch="*"> + <unaffected range="ge">3.0.32</unaffected> + <vulnerable range="lt">3.0.32</vulnerable> + </package> + </affected> + <background> + <p>Privoxy is a web proxy with advanced filtering capabilities for + enhancing privacy. + </p> + </background> + <description> + <p>Multiple vulnerabilities have been discovered in privoxy. Please review + the CVE identifiers referenced below for details. + </p> + </description> + <impact type="normal"> + <p>An attacker could cause a possible Denial of Service condition.</p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All Privoxy users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=net-proxy/privoxy-3.0.32" + </code> + + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35502">CVE-2020-35502</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20209">CVE-2021-20209</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20210">CVE-2021-20210</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20211">CVE-2021-20211</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20212">CVE-2021-20212</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20213">CVE-2021-20213</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20214">CVE-2021-20214</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20215">CVE-2021-20215</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20216">CVE-2021-20216</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20217">CVE-2021-20217</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20272">CVE-2021-20272</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20273">CVE-2021-20273</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20274">CVE-2021-20274</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20275">CVE-2021-20275</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20276">CVE-2021-20276</uri> + </references> + <metadata tag="requester" timestamp="2021-05-31T21:51:37Z">whissi</metadata> + <metadata tag="submitter" timestamp="2021-07-08T03:36:21Z">ajak</metadata> +</glsa> diff --git a/metadata/glsa/glsa-202107-17.xml b/metadata/glsa/glsa-202107-17.xml new file mode 100644 index 000000000000..4646661b6380 --- /dev/null +++ b/metadata/glsa/glsa-202107-17.xml @@ -0,0 +1,48 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202107-17"> + <title>Mechanize: Command injection</title> + <synopsis>A file named by an attacker being utilized by Mechanize could + result in arbitrary code execution. + </synopsis> + <product type="ebuild">mechanize</product> + <announced>2021-07-08</announced> + <revised count="1">2021-07-08</revised> + <bug>768609</bug> + <access>local, remote</access> + <affected> + <package name="dev-ruby/mechanize" auto="yes" arch="*"> + <unaffected range="ge">2.7.7</unaffected> + <vulnerable range="lt">2.7.7</vulnerable> + </package> + </affected> + <background> + <p>Mechanize is a Ruby library used for automating interaction with + websites. + </p> + </background> + <description> + <p>Mechanize does not neutralize filename input and could allow arbitrary + code execution if an attacker can control filenames used by Mechanize. + </p> + </description> + <impact type="high"> + <p>Please review the referenced CVE identifiers for details.</p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All Mechanize users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-ruby/mechanize-2.7.7" + </code> + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21289">CVE-2021-21289</uri> + </references> + <metadata tag="requester" timestamp="2021-05-31T21:54:48Z">whissi</metadata> + <metadata tag="submitter" timestamp="2021-07-08T03:38:36Z">ajak</metadata> +</glsa> diff --git a/metadata/glsa/glsa-202107-18.xml b/metadata/glsa/glsa-202107-18.xml new file mode 100644 index 000000000000..f05d598c50b4 --- /dev/null +++ b/metadata/glsa/glsa-202107-18.xml @@ -0,0 +1,53 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202107-18"> + <title>BladeEnc: Buffer overflow</title> + <synopsis>A buffer overflow in BladeEnc might allow arbitrary code execution.</synopsis> + <product type="ebuild">bladeenc</product> + <announced>2021-07-08</announced> + <revised count="1">2021-07-08</revised> + <bug>631394</bug> + <access>remote</access> + <affected> + <package name="media-sound/bladeenc" auto="yes" arch="*"> + <vulnerable range="lt">0.94.2-r1</vulnerable> + </package> + </affected> + <background> + <p>BladeEnc is an mp3 encoder.</p> + </background> + <description> + <p>A crafted file could cause a buffer overflow in the iteration_loop + function in BladeEnc. + </p> + </description> + <impact type="normal"> + <p>A remote attacker could entice a user to open a specially crafted using + BladeEnc, possibly resulting in execution of arbitrary code with the + privileges of the process or a Denial of Service condition. + </p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>Gentoo has discontinued support for BladeEnc. We recommend that users + unmerge ssvnc: + </p> + + <code> + # emerge --ask --depclean "media-sound/bladeenc" + </code> + + <p>NOTE: The Gentoo developer(s) maintaining BladeEnc have discontinued + support at this time. It may be possible that a new Gentoo developer will + update BladeEnc at a later date. We do not have a suggestion for a + replacement at this time. + </p> + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-14648">CVE-2017-14648</uri> + </references> + <metadata tag="requester" timestamp="2021-07-05T23:50:22Z">ajak</metadata> + <metadata tag="submitter" timestamp="2021-07-08T03:44:12Z">ajak</metadata> +</glsa> diff --git a/metadata/glsa/glsa-202107-19.xml b/metadata/glsa/glsa-202107-19.xml new file mode 100644 index 000000000000..75efc2f17de5 --- /dev/null +++ b/metadata/glsa/glsa-202107-19.xml @@ -0,0 +1,48 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202107-19"> + <title>Jinja: Denial of service</title> + <synopsis>An inefficient regular expression could be exploited to cause a + Denial of Service condition. + </synopsis> + <product type="ebuild">jinja2</product> + <announced>2021-07-08</announced> + <revised count="1">2021-07-08</revised> + <bug>768300</bug> + <access>remote</access> + <affected> + <package name="dev-python/jinja" auto="yes" arch="*"> + <unaffected range="ge">2.11.3</unaffected> + <vulnerable range="lt">2.11.3</vulnerable> + </package> + </affected> + <background> + <p>Jinja is a template engine written in pure Python.</p> + </background> + <description> + <p>The ‘urlize’ filter in Jinja utilized an inefficient regular + expression that could be exploited to consume excess CPU. + </p> + </description> + <impact type="low"> + <p>An attacker could cause a Denial of Service condition via crafted input + to the ‘urlize’ Jinja filter. + </p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All Jinja users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-python/jinja-2.11.3" + </code> + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28493">CVE-2020-28493</uri> + </references> + <metadata tag="requester" timestamp="2021-05-31T21:46:47Z">whissi</metadata> + <metadata tag="submitter" timestamp="2021-07-08T04:02:25Z">ajak</metadata> +</glsa> diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk index 1fe8be64523e..89029127bb67 100644 --- a/metadata/glsa/timestamp.chk +++ b/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Sat, 03 Jul 2021 21:09:05 +0000 +Thu, 08 Jul 2021 13:39:09 +0000 diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit index 0fbb29b111c8..62b17ac292ce 100644 --- a/metadata/glsa/timestamp.commit +++ b/metadata/glsa/timestamp.commit @@ -1 +1 @@ -d293bbd455c078508ed7f2ca6e48c2cebbf19c5c 1625283274 2021-07-03T03:34:34+00:00 +87db1c532ba9e64836890a3c105fac77e62cbc0e 1625717020 2021-07-08T04:03:40+00:00 |