From 434d713861b70f6c6563d6ee50a8e64f14c970d9 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Thu, 15 Feb 2018 16:58:00 +0000 Subject: gentoo resync : 15.02.2018 --- metadata/glsa/Manifest | 30 +++++++------- metadata/glsa/Manifest.files.gz | Bin 416281 -> 416439 bytes metadata/glsa/glsa-201802-01.xml | 85 +++++++++++++++++++++++++++++++++++++++ metadata/glsa/timestamp.chk | 2 +- metadata/glsa/timestamp.commit | 2 +- 5 files changed, 102 insertions(+), 17 deletions(-) create mode 100644 metadata/glsa/glsa-201802-01.xml (limited to 'metadata/glsa') diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest index 362fd853017d..a16b46b6c408 100644 --- a/metadata/glsa/Manifest +++ b/metadata/glsa/Manifest @@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 416281 BLAKE2B 9f5d0005cdae01ce5134efdc393aef2fa9e4486317293d473758f4b6f8a874ce6ac4b387a4d8c46338853ea09d96165ac399c906f15c28230dbfd8e95d4cdf26 SHA512 abd62c080ba1aa5d4609732620883228f3aa81aa544122207a98ca33c50401945a5d524cfb277af684f89fcc0fb6bc394206dcd88925ddccd9d1d6a9ee4a9949 -TIMESTAMP 2018-02-11T15:08:28Z +MANIFEST Manifest.files.gz 416439 BLAKE2B 9451ad1983863ef867238ceaf1d2a0af002edf5e1ee38ab229eea18dec7f38c31751e2367ad2398ad5cb5d9206fec16a27ff1b7fb6ff757ea2f3b3fbb7fa275b SHA512 aa029ea036d1044bc9b418b6deb17521309312a35b209441023548e1b4be034c00928f553cefbe006eecd6d99256dc219c640bc0b04b4c49e0a78c63944b4a4b +TIMESTAMP 2018-02-15T16:08:30Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAlqAXGxfFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAlqFsH5fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klCVAA/+MEV3zgMKg6BaGw1dz9PRIz0c9ocFEjpEoTztXgSXY9atFiaTE0P6lmcS -Ga5g4M80qfGJTje3blyRdYRP/vHYgN1Lr0NBnlQLTiRXKuJ5aNzjHR2kBUgIXUC0 -Pgq/SY3z0n0CpZu4f3xk5o9AuqwWsh8wcpZm0xU+BrF2tFYHPw6ZOz6IBVw8BDse -k65x/HWhGMXVg12NCqh6Yj/Uc+G6Y2l0HxXskNvuznT5z65Eepf5NJaFIOnyozYP -GWmKuIks8YmFD8zJiowdVUaari1d8xpEb8WQavm4KsWYyU7AY3MiOlI1iqKLCZE3 -6Jrsnqj0SFT9y3xqgZyqY91BZ4FuYfxKcoUdifoHUDGuwOMcEKWMs0y9my2kXB4k -AwBsOpSoMguX4N2iTNok6sOrFYg+5i3gRY2k3RfkluLtTEw6xQBf4EiGp97MVbqx -RbkeDF9+xze4HL6fEZbErug5oD93c4pw7CoMcEz+2XMF/08CrW0V2xs/oHhv0Cwx -3wHyaGoXXm0FrRrC4gIgk8VASxyqaHOL4uUzcx2+oyb8soJNIUw4PjKfdNIM8dYg -7Oz5NpOHLYQGkzKCMIa2nMhDx16U4B3INZgsgF9/+pJ7z71Y5yujOWm1OyXc2A8L -8mcNwrcT1J6n9OTbLtSqP2WrlyPl8JoPgXXAf+PR675qLqKQ3bo= -=4m26 +klBCDRAAt0vn/OKXcdVR+IieLvF+nGQBPwsOGSuRVLSHI/lw5KQz14RmmgX+x24I +NSaKmay3V4XK/MssDuipfm+ztq6IVlJzTuDGuKSowlpCM5g5MDtNbWUyDzSPZUbc +hE4wqjIR35BNif7QU7Wyz666vGqgdNpr50eU7cZdAQqZ+VzJGODNvndMXgMib31q +mKJnoJqIOXJfcoyuvBTaEZpHd5h5H0s2VhNeNDZm7k8SZPchD+psgzSkGiui008T +jOuYG5QSsLfFFIWjLWYLIbvWxbqwvVBd1aM81XT2iOLocmS6zqpWqFvwQnUX8vKY +dEvgpRJPoJn8JuMSFblsqPZcHbqURjAK+u5tOdBPDCBpyITRTNhxSUqYwQ2iV/In +wjRghM1T7mJMM0v87b6yHrse4mHBz6tZ5zsZa1qRiVsJNw4DN5NrpcB1FllCqSve +edAgBquQiXoTAXg2M80MBlwqliQCjrMlgz+WKNgKO1Qa5ULrjy+iHcvCKM4vJgob +Tnbj4C7VfDD+yrTu0nrQu1YBtAso/zh2KIY1Jtb6ycuo8503AmRoNoQCO062auW6 +ToeijQrmvFUN832eOXo6+UxXb+AG4geS43WgcHHex+WAQ238SbPm6RvSusFVWp7X +27cDUSMI43X6hYIwHYbTbVHO9uxOFstzNfFWxnyZ9pwz/V+0St8= +=TelI -----END PGP SIGNATURE----- diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz index f87abaa3fa80..4bb9feddeaa4 100644 Binary files a/metadata/glsa/Manifest.files.gz and b/metadata/glsa/Manifest.files.gz differ diff --git a/metadata/glsa/glsa-201802-01.xml b/metadata/glsa/glsa-201802-01.xml new file mode 100644 index 000000000000..81eb28da9afd --- /dev/null +++ b/metadata/glsa/glsa-201802-01.xml @@ -0,0 +1,85 @@ + + + + VirtualBox: Multiple vulnerabilities + Multiple vulnerabilities have been found in VirtualBox, the worst + of which could allow an attacker to take control of VirtualBox. + + virtualbox,virtualbox-bin + 2018-02-11 + 2018-02-11 + 644894 + local, remote + + + 5.1.32 + 5.1.32 + + + 5.1.32.120294 + 5.1.32.120294 + + + 5.1.32 + 5.1.32 + + + +

VirtualBox is a powerful virtualization product from Oracle.

+ + +

Multiple vulnerabilities have been discovered in VirtualBox. Please + review the CVE identifiers referenced below for details. +

+ + +

An attacker could take control of VirtualBox resulting in the execution + of arbitrary code with the privileges of the process, a Denial of Service + condition, or other unspecified impacts. +

+ + +

There is no known workaround at this time.

+ + +

All VirtualBox users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=app-emulation/virtualbox-5.1.32" + + +

All VirtualBox Binary users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose + ">=app-emulation/virtualbox-bin-5.1.32.120294" + + +

All VirtualBox Guest Additions users should upgrade to the latest + version: +

+ + + # emerge --sync + # emerge --ask --oneshot --verbose + ">=app-emulation/virtualbox-guest-additions-5.1.32" + + + + + CVE-2018-2676 + CVE-2018-2685 + CVE-2018-2686 + CVE-2018-2687 + CVE-2018-2688 + CVE-2018-2689 + CVE-2018-2690 + CVE-2018-2693 + CVE-2018-2694 + CVE-2018-2698 + + b-man + b-man + diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk index b9f05110e62a..236ad6aada15 100644 --- a/metadata/glsa/timestamp.chk +++ b/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Sun, 11 Feb 2018 15:08:24 +0000 +Thu, 15 Feb 2018 16:08:27 +0000 diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit index 70bcad55b1d5..7a2b7b5b3ad6 100644 --- a/metadata/glsa/timestamp.commit +++ b/metadata/glsa/timestamp.commit @@ -1 +1 @@ -d8a17c05c216f757bca7ba612006419934a11158 1517072516 2018-01-27T17:01:56+00:00 +64ce437d0a7b7134c3694879d7b9648fad09b8b3 1518388633 2018-02-11T22:37:13+00:00 -- cgit v1.2.3