From c8d60dada2ec8eb48b2d2b290cd6683ccec40e39 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sat, 13 Feb 2021 21:41:11 +0000 Subject: gentoo (valentine's day) resync : 14.02.2021 --- metadata/glsa/Manifest | 30 ++++++------- metadata/glsa/Manifest.files.gz | Bin 500220 -> 500540 bytes metadata/glsa/glsa-202102-01.xml | 95 +++++++++++++++++++++++++++++++++++++++ metadata/glsa/glsa-202102-02.xml | 71 +++++++++++++++++++++++++++++ metadata/glsa/timestamp.chk | 2 +- metadata/glsa/timestamp.commit | 2 +- 6 files changed, 183 insertions(+), 17 deletions(-) create mode 100644 metadata/glsa/glsa-202102-01.xml create mode 100644 metadata/glsa/glsa-202102-02.xml (limited to 'metadata/glsa') diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest index f4af8e162a7d..16096ab586ee 100644 --- a/metadata/glsa/Manifest +++ b/metadata/glsa/Manifest @@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 500220 BLAKE2B aabc50258bfbbe2cb5f971f25f26b6c05a6f14b711c2f736db373e7c0f145f0cf5c547efb6e1ec1d43ad7c393a98fedc6e4f0b6a62a75dea9d2737f89715f3bb SHA512 66b9eade9f3337a820d760fef65a13534a76b1b7a62212ccfc6cd15a592b34f013e749b09caeb49eab79948c7489c23ae10c93f2b39bc07cd930f362aace586e -TIMESTAMP 2021-01-31T18:08:32Z +MANIFEST Manifest.files.gz 500540 BLAKE2B 7a48959b9c07be5fc6e9e98ffbda2d71400bbd137c089df45f7701ae5dd1ba444366d51af5a4656f0a37ca0bbed5e1b74627c57cf425e57c4516bb7194b7dc59 SHA512 e923ed887d7140a57ff660001f6646dac898bdcaefc8ab2effe01101b80e6b709f7e4d00bf72e6d181aa41f6d99fe7b4285de0597a1b60734104a3eee41ee946 +TIMESTAMP 2021-02-13T21:08:43Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmAW8iBfFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmAoP9tfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klCLUw//a/Gb7MGC1NQDv8asjSvpKuat2X6+ECFBpFgrp1MIfoT3Sxson1PRk0JA -oCboXquuQg4ivZelcBcXZGo0m9sKCQfECyewwvRtRqB6SYJ/1ra+diT/qZCNidSg -MfKMN1tHNMm6F7BpYoRiHFf95MISHJfU3mRG93ZlWzvTL+DIAbpZxtD3+kn2gxeK -47uKL3mKFDxK6Q5LDTrPVL34S48Eftt1ODbpOFTmz1OYnIcsE6R9YELUKe+2aIDn -Yy6akMQ9uicuQsb2wIrEHjVIMSz0awk7rIAm40DQz71AvwYOWhTr4AMhnKXxaDyg -Y1oUWPqMOd8mn3vAo4tRmyVdyIzkl2+K//iMVIwowc1NtgtxlqLdSxBnXeHKGpRd -HCS1u51v0/QN2YrZ6B7WJtl/nVdZgts4fxT5Z7inFqGZ7rbBPk+XPL12DIm8Qqub -BZvh4fsM86Fuvse7ClHFmhgqIa+OoBFL7q9C9E2ZSxzy+Oz+EOp2IxpiVtrSyRKn -M3K2UROAScnAN7/oF4MJE93un8E89OLJFOcmOKUVqXFdQ1CRMPefa1L/XdfV9XxU -kcJZrpIpC9iuSwimKuHIoMYNsS9G2JwWupLQJueBzzBmR47FXoskDEaIn4e4vEAQ -TwGZycOIBSrHYHZ3N3SJucm0hDrQ9nKUuk1pJwYZcYE8xv4TUMQ= -=086J +klAvEQ/+NU/DO3MpCK3Ff3BO396Kq46KTyWQ44yJnMXGuk799KY1/WIT1sR2WDpU +Q6DihIj4ECX+Xrhy5zWOG04o837kT0lkSZoLLqC7d3tzELDt4raFhuovRs6OpEYa +Iy3sAcwGBNOgfYX3rFC7bdHKrDktl14pdQz3YsBPly+S4sPv+/7L8ZoPKZxEKyNW +K0vYXV1s7qdUMhGr5LYxi+nttNuca3YtPaRzsrtqXBQI55yf887yU4Aw/4LgJK9J +V0k2v8TAaS2dBd9o+BEG6AyI2l0BAm6HJn9bLIzA0iHyOEqea4sQtMY5/GLgv9Uy +wwgcMnXQDW9KAE1JrC6kMNrFAlXbXjvR4qSoHBx/+8K3MmY2RYuHq4T0aiMVeQlE +6wZXZ3Rqbmeuo9DkKIZtXq9WuwzG7X59aY8dJ7oOrDqAfnRgCN0hAUSIylM1SBim +H/DqdoEs5xutk+VJAMWzAm0DsSej4gl77PIYsmnB12jM6yNW+dx6AhFUF4S2EpIO +OQyT5uK93DyU+G9HEiCgbVnJBOU1zpi8W7UhFbeJSvO+8hAn4I5J4B3K0RH2t1Xp +QygTOROOngXqCgTZ21ucmXntZcQIgcPXT0PCB8rFXV0Xq7w9dT8X89qpm+49NgMR +sJVBmZjm6tJkFgAhNsDK8/twNATY/SZchRqnVo6tRT7+EX7C+Bk= +=mWiG -----END PGP SIGNATURE----- diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz index 8e5c9db63e0a..5b3950946df7 100644 Binary files a/metadata/glsa/Manifest.files.gz and b/metadata/glsa/Manifest.files.gz differ diff --git a/metadata/glsa/glsa-202102-01.xml b/metadata/glsa/glsa-202102-01.xml new file mode 100644 index 000000000000..c448adf3cd6c --- /dev/null +++ b/metadata/glsa/glsa-202102-01.xml @@ -0,0 +1,95 @@ + + + + Mozilla Firefox: Multiple vulnerabilities + Multiple vulnerabilities have been found in Mozilla Firefox, the + worst of which could result in the arbitrary execution of code. + + firefox + 2021-02-01 + 2021-02-01 + 767334 + remote + + + 78.7.0 + 85.0 + 85.0 + + + 78.7.0 + 85.0 + 85.0 + + + +

Mozilla Firefox is a popular open-source web browser from the Mozilla + project. +

+ + +

Multiple vulnerabilities have been discovered in Mozilla Firefox. Please + review the CVE identifiers referenced below for details. +

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All Mozilla Firefox ESR users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/firefox-78.7.0" + + +

All Mozilla Firefox ESR binary users should upgrade to the latest + version: +

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-78.7.0" + + +

All Mozilla Firefox users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/firefox-85.0" + + +

All Mozilla Firefox binary users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-85.0" + + + + + CVE-2021-23953 + CVE-2021-23954 + CVE-2021-23955 + CVE-2021-23956 + CVE-2021-23958 + CVE-2021-23960 + CVE-2021-23961 + CVE-2021-23962 + CVE-2021-23963 + CVE-2021-23964 + CVE-2021-23965 + CVE-2021-26976 + + Upstream advisory (MFSA-2021-03) + + + Upstream advisory (MFSA-2021-04) + + + sam_c + sam_c + diff --git a/metadata/glsa/glsa-202102-02.xml b/metadata/glsa/glsa-202102-02.xml new file mode 100644 index 000000000000..69f0cc482a4d --- /dev/null +++ b/metadata/glsa/glsa-202102-02.xml @@ -0,0 +1,71 @@ + + + + Mozilla Thunderbird: Multiple vulnerabilities + Multiple vulnerabilities have been found in Mozilla Thunderbird, + the worst of which could result in the arbitrary execution of code. + + thunderbird + 2021-02-01 + 2021-02-01 + 767394 + remote + + + 78.7.0 + 78.7.0 + + + 78.7.0 + 78.7.0 + + + +

Mozilla Thunderbird is a popular open-source email client from the + Mozilla project. +

+ + +

Multiple vulnerabilities have been discovered in Mozilla Thunderbird. + Please review the CVE identifiers referenced below for details. +

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All Mozilla Thunderbird users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-78.7.0" + + +

All Mozilla Thunderbird binary users should upgrade to the latest + version: +

+ + + # emerge --sync + # emerge --ask --oneshot --verbose + ">=mail-client/thunderbird-bin-78.7.0" + + + + + CVE-2020-15685 + CVE-2020-26976 + CVE-2021-23953 + CVE-2021-23954 + CVE-2021-23960 + CVE-2021-23964 + + Upstream advisory (MFSA-2021-05) + + + sam_c + sam_c + diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk index b41d1dbaad98..014e91410990 100644 --- a/metadata/glsa/timestamp.chk +++ b/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Sun, 31 Jan 2021 18:08:28 +0000 +Sat, 13 Feb 2021 21:08:40 +0000 diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit index 67da988a6843..ae6b487559e5 100644 --- a/metadata/glsa/timestamp.commit +++ b/metadata/glsa/timestamp.commit @@ -1 +1 @@ -efd0aa32fd2ca278747b075a2c8f414bb8aadead 1611878727 2021-01-29T00:05:27+00:00 +ad25bb1223098eee6704824c258e1e4aec82f809 1612143785 2021-02-01T01:43:05+00:00 -- cgit v1.2.3