gentoo auto-resync : 16:01:2025 - 06:41:40

5 files changed, 64 insertions, 17 deletions

diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest
index c6d4a1a784db..44b527fa584f 100644
--- a/metadata/glsa/Manifest
+++ b/metadata/glsa/Manifest
@@ -1,23 +1,23 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA512
 
-MANIFEST Manifest.files.gz 594915 BLAKE2B 220d9175cb1796cb5045abb4a1dd895efa478aa604a6eb3dde800553a73ce6b12ecf630b6574e1fc834659bac119417be17231464d8355e60ed5ed18f51b8044 SHA512 db425e75cb49a2ea05358c8e7f4e366d86628930a1e26279cb8287fe250565842ac004358a56986eb2aa4342ed7217cf30c8f78d97a02ed24483cca80fd1b2eb
-TIMESTAMP 2025-01-15T06:10:49Z
+MANIFEST Manifest.files.gz 595076 BLAKE2B 9227ab236a3bb3f23858c767e17a9513cd0c0e76b282940d5855c7bb217f59cead2a59f0dd39f3aa278e887b5c4b9114e0c02c9c8604f5d82c14acbaa0e8a1d3 SHA512 8c24f1410b4bf7d8713e266119872ede63eebb49f85a32d13c2875e242edc2ce1ee05716986a96b3b406799ef58315cfe9e38e1e20f8ddb291032d055f3b48ad
+TIMESTAMP 2025-01-16T06:12:11Z
 -----BEGIN PGP SIGNATURE-----
 
-iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmeHUWlfFIAAAAAALgAo
+iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmeIoztfFIAAAAAALgAo
 aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
 RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
-klD1Jg/+LaSy3w28H2DzaW2xEH5ueKQYN1+lAF1jJZ1PQhUHZQCvHYZOlE+Aae0v
-QD1B7UfMGxVA8aZQXYLrI++GhfRBlGFk236yIUejNTWEVY2A9zhlnnyFJ7UJYVLQ
-N2Wd13FfaN0KqUpPQ8wdaxPkYkE09Pg+/jkiiwjVWsrfHDkaJI5vA4OIehFjghXW
-+tmMqfJQJ/Olh/iCdUZA8P582SjJDJO6KxC9uEQeszxtZJR+fztsp95hSfrxrZaD
-d0RIOSLtTQ0lY1+qIV8f4fAUcmj01x4pRTNy5gak0QxkAMnkTaLT1wT/Ql5MimWt
-g+lv5sgl8Ib6uVDmp0yYgN/BYogu3Y6PNcuFgS2ZkgXtZeDjAhgv13e1Zg9Hmk3v
-UuLGS+W1v96+VLqa+n8j4DuLuOGffsJkbLnvd1c9CaG8LsJD5se9sS7htbQpcGg0
-G/VaRqlyX/d25lC6ZGsF66KGQh7G4+gdkGvBZCEOFVs6bFVF5ku08m/bhCPo5fSw
-thNxd4G7n/gWH4wM3dvpJJjNThQ5lRznkfnOPNqdEptf4oWzmgzJzRO6c6+7uim9
-8kWyxnm9F0ynFC+vsDRCaFi9nvMGRveHAshT2Y984jInk9No9VDI26MYyOGoIlRA
-n3BlPKMw6OMobSzNp4jo1QtZVh6H/t34SIUZudlqSWYDkatF9BE=
-=EKvA
+klA2DBAAjw9kzhyc6S3ggTemDX8CjWBaqTia08wPPCx3/8b3UOA6ajMJc6u/koWR
+hUhR9MIGdUbygYsNRLo/LS2kAzjT2vsw68Vj0Vrv45qmGzzNdIt0X3bgIXbtqt1V
+NLT/UntHCxBITuQkmeDDipHk4dZ7ejmGSkLVCo0ia6B8kpurhg1KZFOsgGNEWOmg
+32jtbqn8CTgzefGeNh5qX9/8APZeat+wqIR9VfVo4UIM9/V/1TzhsIsDQifAunYG
+OCMBZFBhahGxBAnpgnWOISbOZ6BL3vHQFz0RFwWHes2YEpzMVy0RYCdsq+ALTq66
+PvBF2IYcvTqqMVUWOzMbifqS2z8j0W6B14Y/jhZs+/rroHK2MyCMNbVsd8Tdva16
+haEYdt1jY4J5Q/yU2hCofydxsn57N7QXVQNfaWVsP8CY9qkdU4KJpjHsaLK4XdCp
+eyBn/+NgSGQWrW4TqPGrdvozSI0Nan+SFsMdYkLl5UUNLy3tqROvDlH5LTwrtYoS
+3Kuif1VeX9cp2kn1b3JGqeqSZdSej+I5lYuT1zz/fY+5soAWRC3xCBuYL5Domv+k
+UAMk0igEMk67axqsBX5+KGTzAXZkY1efd+e9bkHI5TR9qs6XqbaWNpX5c4TDnRRS
+NnaRus7wbA8VsO0OZEGO55DrjYxUJNp5Y7r9RSKpMAjjfpxUtRk=
+=MA9X
 -----END PGP SIGNATURE-----
diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz
index 1b987a323dd7..056a672a6712 100644
--- a/metadata/glsa/Manifest.files.gz
+++ b/metadata/glsa/Manifest.files.gz
diff --git a/metadata/glsa/glsa-202501-01.xml b/metadata/glsa/glsa-202501-01.xml
new file mode 100644
index 000000000000..864723609d7e
--- /dev/null
+++ b/metadata/glsa/glsa-202501-01.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202501-01">
+    <title>rsync: Multiple Vulnerabilities</title>
+    <synopsis>Multiple vulnerabilities have been discovered in rsync, the worst of which could lead to arbitrary code execution.</synopsis>
+    <product type="ebuild">rsync</product>
+    <announced>2025-01-15</announced>
+    <revised count="1">2025-01-15</revised>
+    <bug>948106</bug>
+    <access>remote</access>
+    <affected>
+        <package name="net-misc/rsync" auto="yes" arch="*">
+            <unaffected range="ge">3.3.0-r2</unaffected>
+            <vulnerable range="lt">3.3.0-r2</vulnerable>
+        </package>
+    </affected>
+    <background>
+        <p>rsync is a server and client utility that provides fast incremental file transfers. It is used to efficiently synchronize files between hosts and is used by emerge to fetch Gentoo&#39;s Portage tree.</p>
+    </background>
+    <description>
+        <p>Multiple vulnerabilities have been discovered in rsync. Please review the CVE identifiers referenced below for details.</p>
+    </description>
+    <impact type="high">
+        <p>Please review the referenced CVE identifiers for details.</p>
+    </impact>
+    <workaround>
+        <p>There is no known workaround at this time.</p>
+    </workaround>
+    <resolution>
+        <p>All rsync users should upgrade to the latest version:</p>
+        
+        <code>
+          # emerge --sync
+          # emerge --ask --oneshot --verbose ">=net-misc/rsync-3.3.0-r2"
+        </code>
+    </resolution>
+    <references>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-12084">CVE-2024-12084</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-12085">CVE-2024-12085</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-12086">CVE-2024-12086</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-12087">CVE-2024-12087</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-12088">CVE-2024-12088</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-12747">CVE-2024-12747</uri>
+    </references>
+    <metadata tag="requester" timestamp="2025-01-15T17:18:08.215935Z">sam</metadata>
+    <metadata tag="submitter" timestamp="2025-01-15T17:18:08.218034Z">sam</metadata>
+</glsa>
\ No newline at end of file
diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk
index 354c1efbe383..2c2c2ad06b5c 100644
--- a/metadata/glsa/timestamp.chk
+++ b/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Wed, 15 Jan 2025 06:10:46 +0000
+Thu, 16 Jan 2025 06:12:07 +0000
diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit
index 9f09f9ad7dc1..405752cc0ae4 100644
--- a/metadata/glsa/timestamp.commit
+++ b/metadata/glsa/timestamp.commit
@@ -1 +1 @@
-75999cf3645e45cf60bdeaf1621c235c071cf08b 1734174153 2024-12-14T11:02:33Z
+889122c49e5c31f1eef3898e4cc046b7dc7e71e3 1736961519 2025-01-15T17:18:39Z