mirror of
https://github.com/flatcar/scripts.git
synced 2025-08-17 18:06:59 +02:00
bump(metadata/glsa): sync with upstream
This commit is contained in:
David Michael
parent
0a6066d58e
commit
01d5904a4f
@ -1,23 +1,23 @@
|
||||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA512
|
||||
|
||||
MANIFEST Manifest.files.gz 440912 BLAKE2B 9ea8574697c29c79c477a36363f4d2c7b47da71f24d32c0c849b43ce85c6195cd38852f18e3e9f5a67f08e2d69d3d9091663b6da7e2de6a6da8181d5e49cc23c SHA512 9cb4038f89f175ad7d3ff9ca55bdb899358687b385a53ef46218971a23729281d566301e32309e2541593a1f08bdac5dd3cd4b48d7044ca634475e0fe0bfcaea
|
||||
TIMESTAMP 2019-04-11T12:38:47Z
|
||||
MANIFEST Manifest.files.gz 441389 BLAKE2B 093e93262bf483b8a2bcc307a67ed12b9a008b091206b3199a591d3750f160ecd8d405fa2d589c50e6bc2325d61eb79b1d8446527955e000c6a79db6428aa4c4 SHA512 94781b7611851868089b1a2920af50bbaa946ae05421f4009d9efb8e3c447cfa812f2ffd4557a4e7723d44d2c3de8d5f75a986179eb0599749c45f97424f8f9a
|
||||
TIMESTAMP 2019-04-15T22:38:45Z
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAlyvNVdfFIAAAAAALgAo
|
||||
iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAly1B/VfFIAAAAAALgAo
|
||||
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
|
||||
RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
|
||||
klA7VBAAmDdXoj2eZ1SsUTbehYwJzWTAauBYVV5tm9KK9h1rLUgeYBQLhnV9f5HQ
|
||||
cSwhXkE2ldTSCGaCPHEKUQ8MoB4gt20/Rfx1DAyUwfx7gwCvzcyQgdb6nMDPcCsf
|
||||
5GcNn4533pkSM1xMAZuphqgHNb5Q8uFtKWwfqxiW7qt1a+h1f0MmTO0dKAEv3QUh
|
||||
RXLe8Z9o5fUpN+NJDabm3ChqDThGmf2RLCj9X8xbvSiSRli/++N7IcOMxtOzpcJM
|
||||
CIr6FqUXA9aEOvq0lae3T6L7lCjQwbbE6TB4A/iDkRYZZnp37q4KzOQyL6c+88JA
|
||||
fqzvpBLA4FzQiglosTffBo9Qj1iO5Yet/5Hu1OzaNUytMbpyUKfunoOwO4xcb89X
|
||||
O3CiwJgQ/QVgqCrZdpcN/FSt2MH8FENsdi3g+ukJGFsdZZdJANozGXrIGxVNKQ99
|
||||
4L7PdRkuxz/DWUAoZxr4HRHImtlpeiqXIaydNw5gdwfK48WoPSmDr84LcQRrHsTv
|
||||
f5S2jtvLp3TlLe0GNRfKxEZDyaNHFk4AtZYpixd8e4Fj7b4HQJMEZ517Hw8flVj6
|
||||
zcs5jHWj8fYWEUjMBmALuLdMxx/jbf12V/XEjJRitIWQje/smWl0LLhbtPNb6a9B
|
||||
C2MKIRNe4w0gUbe+rOUVWQXKG+ke7wToYWIJJ6AV8Iz7Kb85n3I=
|
||||
=K0i0
|
||||
klCTTQ/+LoyNjk0WaohJfdGwelXIvxc8PK+Es4GejfugAVE8Kw4j5avBTRncesRy
|
||||
0K66JbwrVDHapotEGCgebVXlF/aorinnWl/9fImUIgcQ7carpH8w8OZYSFmT6ZLI
|
||||
Wz2VKDJUS/3bhHw4no+MwXYKkG/z4q+EEo29aXVtDs7tWh8I+XNn3Bc5pf7eOyWv
|
||||
Wlf1FqK84D/qoRJJO8P5azocqAQ+B0H0U3J6JkWcms4ks/czq+xTqLMki7o8/J2O
|
||||
8IeJLOK5kDyYG8wMOLhX2Btnth+2stQDv+vcA+UFcAWkuyPv5VpR7rZizZONz4I8
|
||||
AcGfd598jYoU1WBvxZ+xDpDe6ryG80RvztSVF3l80t78MoR30vXhLuHHYh3rR9cX
|
||||
Uey+Mdx9wpz7sg3B+kRpvRDxpQ++u6uzhC5hTgmRazVWcJYx27yC7DCMHWWvtto3
|
||||
h7aF4gX3e62pUno2pkQAWvjjwEi5elXNeFNE2gK0+jl6msCthv0C5eMEmmjX26m3
|
||||
wIWdTifPdJt3ACOO4E9MGLm5qn1uMuSVtujiqrwuB+tUF9H5m4unZHKXwatNKr7M
|
||||
lOw3p7j57k0UXu8GyH1lzyxin9ThsA8zTFCeJaoRGmxM1kmNgRV8eGTkllt2xvqZ
|
||||
+KPpPIoy9Lo/txXM0B1lYoL7B64KWj383VOcx8Eaplc0pgUlti4=
|
||||
=Zh34
|
||||
-----END PGP SIGNATURE-----
|
||||
|
||||
Binary file not shown.
49
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201904-14.xml
vendored
Normal file
49
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201904-14.xml
vendored
Normal file
@ -0,0 +1,49 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
|
||||
<glsa id="201904-14">
|
||||
<title>GnuTLS: Multiple vulnerabilities</title>
|
||||
<synopsis>Multiple vulnerabilities have been found in GnuTLS, the worst of
|
||||
which could result in a Denial of Service condition.
|
||||
</synopsis>
|
||||
<product type="ebuild">gnutls</product>
|
||||
<announced>2019-04-15</announced>
|
||||
<revised count="1">2019-04-15</revised>
|
||||
<bug>681846</bug>
|
||||
<access>remote</access>
|
||||
<affected>
|
||||
<package name="net-libs/gnutls" auto="yes" arch="*">
|
||||
<unaffected range="ge">3.6.7</unaffected>
|
||||
<vulnerable range="lt">3.6.7</vulnerable>
|
||||
</package>
|
||||
</affected>
|
||||
<background>
|
||||
<p>GnuTLS is a secure communications library implementing the SSL, TLS and
|
||||
DTLS protocols and technologies around them.
|
||||
</p>
|
||||
</background>
|
||||
<description>
|
||||
<p>Multiple vulnerabilities have been discovered in GnuTLS. Please review
|
||||
the CVE identifiers referenced below for details.
|
||||
</p>
|
||||
</description>
|
||||
<impact type="normal">
|
||||
<p>Please review the CVE identifiers referenced below for details.</p>
|
||||
</impact>
|
||||
<workaround>
|
||||
<p>There is no known workaround at this time.</p>
|
||||
</workaround>
|
||||
<resolution>
|
||||
<p>All GnuTLS users should upgrade to the latest version:</p>
|
||||
|
||||
<code>
|
||||
# emerge --sync
|
||||
# emerge --ask --oneshot --verbose ">=net-libs/gnutls-3.6.7"
|
||||
</code>
|
||||
</resolution>
|
||||
<references>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-3829">CVE-2019-3829</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-3836">CVE-2019-3836</uri>
|
||||
</references>
|
||||
<metadata tag="requester" timestamp="2019-04-02T06:51:08Z">BlueKnight</metadata>
|
||||
<metadata tag="submitter" timestamp="2019-04-15T20:45:09Z">b-man</metadata>
|
||||
</glsa>
|
||||
47
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201904-15.xml
vendored
Normal file
47
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201904-15.xml
vendored
Normal file
@ -0,0 +1,47 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
|
||||
<glsa id="201904-15">
|
||||
<title>libTIFF: Denial of Service</title>
|
||||
<synopsis>A vulnerability in libTIFF could lead to a Denial of Service
|
||||
condition.
|
||||
</synopsis>
|
||||
<product type="ebuild">tiff</product>
|
||||
<announced>2019-04-15</announced>
|
||||
<revised count="1">2019-04-15</revised>
|
||||
<bug>669948</bug>
|
||||
<access>remote</access>
|
||||
<affected>
|
||||
<package name="media-libs/tiff" auto="yes" arch="*">
|
||||
<unaffected range="ge">4.0.10</unaffected>
|
||||
<vulnerable range="lt">4.0.10</vulnerable>
|
||||
</package>
|
||||
</affected>
|
||||
<background>
|
||||
<p>The TIFF library contains encoding and decoding routines for the Tag
|
||||
Image File Format. It is called by numerous programs, including GNOME and
|
||||
KDE applications, to interpret TIFF images.
|
||||
</p>
|
||||
</background>
|
||||
<description>
|
||||
<p>Please review the CVE identifier referenced below for details.</p>
|
||||
</description>
|
||||
<impact type="normal">
|
||||
<p>Please review the CVE identifier referenced below for details.</p>
|
||||
</impact>
|
||||
<workaround>
|
||||
<p>There is no known workaround at this time.</p>
|
||||
</workaround>
|
||||
<resolution>
|
||||
<p>All tiff users should upgrade to the latest version:</p>
|
||||
|
||||
<code>
|
||||
# emerge --sync
|
||||
# emerge --ask --oneshot --verbose ">=media-libs/tiff-4.0.10"
|
||||
</code>
|
||||
</resolution>
|
||||
<references>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-18557">CVE-2018-18557</uri>
|
||||
</references>
|
||||
<metadata tag="requester" timestamp="2019-04-02T05:33:33Z">BlueKnight</metadata>
|
||||
<metadata tag="submitter" timestamp="2019-04-15T20:50:36Z">b-man</metadata>
|
||||
</glsa>
|
||||
50
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201904-16.xml
vendored
Normal file
50
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201904-16.xml
vendored
Normal file
@ -0,0 +1,50 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
|
||||
<glsa id="201904-16">
|
||||
<title>phpMyAdmin: Multiple vulnerabilities</title>
|
||||
<synopsis>Multiple vulnerabilities have been found in phpMyAdmin, the worst
|
||||
of which could result in the arbitrary execution of code.
|
||||
</synopsis>
|
||||
<product type="ebuild">phpmyadmin</product>
|
||||
<announced>2019-04-15</announced>
|
||||
<revised count="1">2019-04-15</revised>
|
||||
<bug>658742</bug>
|
||||
<bug>672938</bug>
|
||||
<access>remote</access>
|
||||
<affected>
|
||||
<package name="dev-db/phpmyadmin" auto="yes" arch="*">
|
||||
<unaffected range="ge">4.8.4</unaffected>
|
||||
<vulnerable range="lt">4.8.4</vulnerable>
|
||||
</package>
|
||||
</affected>
|
||||
<background>
|
||||
<p>phpMyAdmin is a web-based management tool for MySQL databases.</p>
|
||||
</background>
|
||||
<description>
|
||||
<p>Multiple vulnerabilities have been discovered in phpMyAdmin. Please
|
||||
review the CVE identifiers referenced below for details.
|
||||
</p>
|
||||
</description>
|
||||
<impact type="normal">
|
||||
<p>Please review the CVE identifiers referenced below for details.</p>
|
||||
</impact>
|
||||
<workaround>
|
||||
<p>There is no known workaround at this time.</p>
|
||||
</workaround>
|
||||
<resolution>
|
||||
<p>All phpMyAdmin users should upgrade to the latest version:</p>
|
||||
|
||||
<code>
|
||||
# emerge --sync
|
||||
# emerge --ask --oneshot --verbose ">=dev-db/phpmyadmin-4.8.4"
|
||||
</code>
|
||||
</resolution>
|
||||
<references>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12613">CVE-2018-12613</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-19968">CVE-2018-19968</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-19969">CVE-2018-19969</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-19970">CVE-2018-19970</uri>
|
||||
</references>
|
||||
<metadata tag="requester" timestamp="2019-03-30T00:23:53Z">b-man</metadata>
|
||||
<metadata tag="submitter" timestamp="2019-04-15T20:53:01Z">b-man</metadata>
|
||||
</glsa>
|
||||
@ -1 +1 @@
|
||||
Thu, 11 Apr 2019 12:38:43 +0000
|
||||
Mon, 15 Apr 2019 22:38:42 +0000
|
||||
|
||||
@ -1 +1 @@
|
||||
f968e3b69dbac09ac866bb6aa6abb70acbd31a8b 1554945337 2019-04-11T01:15:37+00:00
|
||||
9b59bd6cf27bbcd9bc148340e6758177e493f624 1555361601 2019-04-15T20:53:21+00:00
|
||||
|
||||
Loading…
Reference in New Issue
Block a user