Diffstat (limited to 'metadata/glsa')
-rw-r--r-- | metadata/glsa/Manifest | 30 | ||||
-rw-r--r-- | metadata/glsa/Manifest.files.gz | bin | 562011 -> 562170 bytes | |||
-rw-r--r-- | metadata/glsa/glsa-202401-25.xml | 99 | ||||
-rw-r--r-- | metadata/glsa/timestamp.chk | 2 | ||||
-rw-r--r-- | metadata/glsa/timestamp.commit | 2 |
5 files changed, 116 insertions, 17 deletions
diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest
index a095a9e00268..03d430795aac 100644
--- a/metadata/glsa/Manifest
+++ b/metadata/glsa/Manifest
@@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 562011 BLAKE2B 4f303bfa2201afa25d92c6de3ee0b20c33a55df26101444f3a60a5c7551ad29bbf2b4a0ea12786f5c698395abed552f9c00010c60be13643dabbf13f4cc8bebe SHA512 5627c638c07440b1a865e6a00253907199dfeb4a109a0da198bbe5312fad4cc04c4fe2d7e89ba479739fbfe5cadee585c3f001e6dd0b8484b386e2646fb8d5ae -TIMESTAMP 2024-01-17T13:40:23Z +MANIFEST Manifest.files.gz 562170 BLAKE2B 13793f99b2aeb07db808adbe0b1fe69005e597c86f14ec256c0bd329f157247d0873634aeaa1ef5172fbb27f87e570da5c2f41e37c53ebba4300745897cb3960 SHA512 33976cf0e449ecc18853b813040657dd420fdf2c05dc4aff4bdff73e28ad9894a7768a1303c77eed2804fc2648a328b169039a8cc4b94656ca92b5d36f9ce3d4 +TIMESTAMP 2024-01-17T19:40:12Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmWn2MdfFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmWoLRxfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klD5QBAAig51spO/Jazrguz7LfyoYHL3soZAgrEuODWBbH6LiFYh+YqfvhyqIRLG -YYInosyJK0h2RXOFNdVJ3ZWuBZlLhYd6V7jspXP8Ex2lo5pS0uHHO7kwpPbPtnXQ -3CJcvkkafIWJ+hxu5u/jzFhw3ObwQ9pjRWKeiUp6/4RJNHGFP1UGqhGji345L89M -57BDCkNTSYQIuyD88cyjUwXb3q93sjxG/XobLN1QSGUco4ordwqfUSGtx4I1m9d4 -mzKd3Dy53TvN7TP+yMHB/ay4y9nG3DzObMoZBVy9Cc3Nnh/OyTRLzzLiWbDzfpNV -2qU/nbwaBxFmaAul2Dxijb47XQdov9LbHOHp3RTvgk9KQ1kTa5K6rpO1CxQgv6nX -wrSKIrrQDwvj72Fjrmhcb/BC6LDBC0eNdkAli9nvuYgwFWelMSZivtoZcIUERndG -TOEmlY/S3Iu5o31O/cE4AluW60R9oG98/0r9yhR7yErdr8h+u5mWNjqR+mRggbjH -yedI707ZPUmP1g8AKvO4kTEeb+TI2kzy+nj/hGNZTrBCSP64BjEdtYUnIlg5ug+f -gZ9wzkH6JkHq8VAh1uhm8N8I4Pn3moxfTQOEwLL0h49HpfL/8/og9x1CAaVlSr7N -uYrZecrQKx35ulCUvRdzYvmPf01zs7vd/pA9E4mIFKrS4Q9N9yo= -=Yz2D +klANHBAAkbVpd98W0Fu5udadgwjf80KaPgAL7miXoM7ir+TdO5BeD7DhhRlozfZr +h8tRyaoOHu8ns9rhPHMvepBxLK2kPNzA8QlcJLOCEzlB5PKR6XbdO/dCJME46QSM +HqgFjaBOBGZaz+ITeGCdw2FsKBzvP4YuqDP6oDl0pbgHmJO54zOsInXB/RMlvGKW 
+BxSWMUfa2aVTE/i0AN+rdnlYrfswSD7NdjlJ8uqH08OEn5Acw2NhuCRucYBr/MPg +KOapHzViQUe2/miG7DfNa4CyTlVpJg5tj7Ns07dGARtYOtGkTGc5WVEYfHP3G8Wy +4lfgCHKVw1x3kMv3+sDnr//C4tHaXuck4mJY93dFLKstQTzOn1ZWC1+7rxIyAPpq +24Cmo0AyoswvXTqXLytRualAAaQZJPVVNMqEfoForuYuLvmxqSRo3PZB3rikT1jW +WDg/angmYxNUCaDqpDWj+s0UxtSULz/plQO7XTuLnTaXw6SleXZWDCvRfvPfYol1 +CX3MYssJ3/Mv3IxGdQl8XE9lNYwiATA6Y01ZRdqakv3ZR1srv5Gz+GGg3x56Muey +1AaVHyPbhI2xM6UtT+fW8ZV++Zw8kepYiHQceck4aZYVnh4555R5t6IgtkQgEUZO ++HUA9fu7YTz8ME42Rhi756IS8yyVmcOCupwYS38yw0t+me1Oy/w= +=76qA -----END PGP SIGNATURE-----
diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz
Binary files differ
index 09208ae46cb9..d4fa5e4d7562 100644
--- a/metadata/glsa/Manifest.files.gz
+++ b/metadata/glsa/Manifest.files.gz
diff --git a/metadata/glsa/glsa-202401-25.xml b/metadata/glsa/glsa-202401-25.xml
new file mode 100644
index 000000000000..97103d77adab
--- /dev/null
+++ b/metadata/glsa/glsa-202401-25.xml
@@ -0,0 +1,99 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202401-25">
+ <title>OpenJDK: Multiple Vulnerabilities</title>
+ <synopsis>Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution.</synopsis>
+ <product type="ebuild">openjdk,openjdk-bin,openjdk-jre-bin</product>
+ <announced>2024-01-17</announced>
+ <revised count="1">2024-01-17</revised>
+ <bug>859376</bug>
+ <bug>859400</bug>
+ <bug>877597</bug>
+ <bug>891323</bug>
+ <bug>908243</bug>
+ <access>remote</access>
+ <affected>
+ <package name="dev-java/openjdk" auto="yes" arch="*">
+ <unaffected range="ge" slot="8">8.372_p07</unaffected>
+ <unaffected range="ge" slot="11">11.0.19_p7</unaffected>
+ <unaffected range="ge" slot="17">17.0.7_p7</unaffected>
+ <vulnerable range="lt" slot="8">8.372_p07</vulnerable>
+ <vulnerable range="lt" slot="11">11.0.19_p7</vulnerable>
+ <vulnerable range="lt" slot="17">17.0.7_p7</vulnerable>
+ </package>
+ <package name="dev-java/openjdk-bin" auto="yes" arch="*">
+ <unaffected range="ge" slot="8">8.372_p07</unaffected>
+ <unaffected range="ge" slot="11">11.0.19_p7</unaffected>
+ <unaffected range="ge" slot="17">17.0.7_p7</unaffected>
+ <vulnerable range="lt" slot="8">8.372_p07</vulnerable>
+ <vulnerable range="lt" slot="11">11.0.19_p7</vulnerable>
+ <vulnerable range="lt" slot="17">17.0.7_p7</vulnerable>
+ </package>
+ <package name="dev-java/openjdk-jre-bin" auto="yes" arch="*">
+ <unaffected range="ge" slot="8">8.372_p07</unaffected>
+ <unaffected range="ge" slot="11">11.0.19_p7</unaffected>
+ <unaffected range="ge" slot="17">17.0.7_p7</unaffected>
+ <vulnerable range="lt" slot="8">8.372_p07</vulnerable>
+ <vulnerable range="lt" slot="11">11.0.19_p7</vulnerable>
+ <vulnerable range="lt" slot="17">17.0.7_p7</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>OpenJDK is an open source implementation of the Java programming language.</p>
+ </background>
+ <description>
+ <p>Multiple vulnerabilities have been discovered in OpenJDK. Please review the CVE identifiers referenced below for details.</p>
+ </description>
+ <impact type="normal">
+ <p>Please review the referenced CVE identifiers for details.</p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All OpenJDK users should upgrade to the latest versions:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-java/openjdk-8.372_p07"
+ # emerge --ask --oneshot --verbose ">=dev-java/openjdk-11.0.19_p7"
+ # emerge --ask --oneshot --verbose ">=dev-java/openjdk-17.0.7_p7"
+ </code>
+
+ <p>All OpenJDK JRE binary users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-java/openjdk-jre-bin-8.372_p07"
+ # emerge --ask --oneshot --verbose ">=dev-java/openjdk-jre-bin-11.0.19_p7"
+ # emerge --ask --oneshot --verbose ">=dev-java/openjdk-jre-bin-17.0.7_p7"
+ </code>
+
+ <p>All OpenJDK binary users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-java/openjdk-bin-8.372_p07"
+ # emerge --ask --oneshot --verbose ">=dev-java/openjdk-bin-11.0.19_p7"
+ # emerge --ask --oneshot --verbose ">=dev-java/openjdk-bin-17.0.7_p7"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21540">CVE-2022-21540</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21541">CVE-2022-21541</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21549">CVE-2022-21549</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21618">CVE-2022-21618</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21619">CVE-2022-21619</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21624">CVE-2022-21624</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21626">CVE-2022-21626</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-21628">CVE-2022-21628</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-34169">CVE-2022-34169</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-39399">CVE-2022-39399</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-42920">CVE-2022-42920</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-21830">CVE-2023-21830</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-21835">CVE-2023-21835</uri>
+ <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-21843">CVE-2023-21843</uri>
+ </references>
+ <metadata tag="requester" timestamp="2024-01-17T13:45:06.792804Z">graaff</metadata>
+ <metadata tag="submitter" timestamp="2024-01-17T13:45:06.795516Z">graaff</metadata>
+</glsa>
\ No newline at end of file
diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk
index 708ac8e5a36d..021153dafca2 100644
--- a/metadata/glsa/timestamp.chk
+++ b/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Wed, 17 Jan 2024 13:40:16 +0000
+Wed, 17 Jan 2024 19:40:08 +0000
diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit
index 7899102bc495..8731fa61a717 100644
--- a/metadata/glsa/timestamp.commit
+++ b/metadata/glsa/timestamp.commit
@@ -1 +1 @@
-9948613604a215d86e6a6c8ec06c466da8195f4c 1705412593 2024-01-16T13:43:13+00:00
+192b729d81f588010b67c1e39e06aa02c513b126 1705499128 2024-01-17T13:45:28+00:00 |
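Review bot: The upgrade commands in `<resolution>` of glsa-202401-25.xml use unslotted atoms, while the `<affected>` block is declared per slot (8, 11, 17). An atom such as `>=dev-java/openjdk-8.372_p07` is also satisfied by any 11.x or 17.x version, so Portage will likely resolve it to the best visible version overall, and a vulnerable slot-8 install can stay in place after the command completes. Appending the slot to each of the nine atoms would tie the remediation to the affected slot, e.g. `# emerge --ask --oneshot --verbose ">=dev-java/openjdk-8.372_p07:8"` (likewise `:11` and `:17`, and the same for openjdk-bin and openjdk-jre-bin). Separately, `<description>` and `<impact>` only point at the CVE list, so the synopsis claim of remote code execution is not tied to any of the fourteen references; one sentence naming the relevant identifier would help triage.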