mirror of
https://github.com/flatcar/scripts.git
synced 2025-08-10 22:46:58 +02:00
Merge pull request #1036 from flatcar/buildbot/monthly-glsa-metadata-updates-2023-08-01
Monthly GLSA metadata 2023-08-01
This commit is contained in:
Dongsu Park
GitHub
commit
1de2db1ac3
@ -1,23 +1,23 @@
|
|||||||
-----BEGIN PGP SIGNED MESSAGE-----
|
-----BEGIN PGP SIGNED MESSAGE-----
|
||||||
Hash: SHA512
|
Hash: SHA512
|
||||||
|
|
||||||
MANIFEST Manifest.files.gz 546124 BLAKE2B b8c960a7f19f0cac8ea254b9330e3a1add1f4be28ff0a9b4020f5e68f250a6b511280b7dd1dec4e472c73320abae493b0ab8441075c681803abfb19ea280332e SHA512 0dccc4f920463740ab2803f55b50f1cf0df2af9d58750c12c98fe5963dc8738d5a3e8d6a895c2e0d3ba8230bb61557b6e88b4fa56b2f05f5697577b68a9413df
|
MANIFEST Manifest.files.gz 546284 BLAKE2B ffce95d14dec8e0ecb1658575f411350a797650e5376e656bbe5d1c11b4e05372611ac4ca5de41270e2e69dfa9461b99f212aa044d6509bb082c7f94d92006b8 SHA512 c90fc6416d62b1b09cbafd89df9a8523e7e9eec12dd28fd39f81776bc9076c1e64fdb0203c709c330d323ea0c05daf6d59e5c469948b4d49cc6d59443f29557a
|
||||||
TIMESTAMP 2023-07-01T06:39:56Z
|
TIMESTAMP 2023-08-01T06:40:03Z
|
||||||
-----BEGIN PGP SIGNATURE-----
|
-----BEGIN PGP SIGNATURE-----
|
||||||
|
|
||||||
iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmSfyjxfFIAAAAAALgAo
|
iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmTIqMNfFIAAAAAALgAo
|
||||||
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
|
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
|
||||||
RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
|
RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
|
||||||
klCNlxAAg+LXqNKPA6Om+jvnU7PqJvbnCGZtGLkW+pj21SRkZz/bZPNKctViyPUr
|
klANARAAo6KXYP/HCX5kiEsBf5JWOje0quGzsCs5xplVYsD2JgbKn81fUau7PkWJ
|
||||||
44favLaBAakcBt8I4F3sve5Xm1QofeJARyZQZ0u17FqD4eWZnprDkCC+mkGjjXjA
|
UM7w/cPxGXbeVH2GiZLozD379jaVIjvjEuRy4yc1cOVnZ3ZuEdgBJjnrK3081RuO
|
||||||
yb1zNK+u2kEUCzZt/zXkbQYKzUHnpskQ5V+n7NHZAv72BdZt00dAz0BY+sTnyuWp
|
j2PteSl9M9d3vHTZt6AdQEE9cKXYLB0qStTG0vyS95cioZlPllM36uEkDtHhHjv/
|
||||||
cEUnhhmhJJQ8NG8l6T5cawChZ427ob7hBzA2bKz6z20B6+T5qZXf51jRo2ykBSr8
|
hYajgE6PHv3E/WiMdOu1XZmjOaFTnOU4phG+oSL09YOGqdvu9nNCbQxwFkBjTb0L
|
||||||
K43d7zdEtXLdrTpsOxQBAgRJ9wVCyiFpfFCCR+yk0oyv+57H0gRn4uVAxodawAQd
|
VzRMfRFi99gRx/al2gaP3WvDRSSuYM9GuQID4ascPgbnjC4KHBafZYcsVB63MRar
|
||||||
U6FbGmjRmOlYUcL3l4Nb6X9D7l60WR+uLjCz6GxxXPCedXoZj45Ko27tN2Fw6VB/
|
+CHEKEyNLZ7TTgjfODeF/c6o0LIeVOurfsF0GrxZucnxKkBeduxEAR78LhBvPq/v
|
||||||
N/7ey4uCwBZajRbJjOvcQXLb+2/7SP9AgYNWwgCCj3NbHIdgyfw7DgiA7ZkjnVR2
|
3m1XK+ektF0SJqEK7yNn4+lO55Hi/ZYLuJmpMOG9uMOxTy2Ehg4/k8coy7ECyfN5
|
||||||
4v6Aot6VPs6UKplw+8TXQlotrIwN3WLHj0JRw6l79MccJzSUzPKlgjRuxXURLxR0
|
+NfbeMe3ifpfriUgMNLQkmg4n6rfaRPer1SQe7lyw0HBwFflDt9B5KuoiFkBoVhO
|
||||||
Z5+r95iyTz/4udUvAicEbIdtgwxmdQXQSXe6cZnxuLMlVvLSRl7ro65lhfsM5mZ8
|
FqxsFuiZozfCbLnvBCdIqTvZwMKwMp7+G470nCPVrCChJc2QToX+xn/QCScaUAIL
|
||||||
ynyH9JXeqZMiMd1toX1WbsbGfsPwheNYa9hwfAgkQ8PhHfq8Hu+2/EKGNcX/aMBQ
|
DKwZ+eYK6OWGCrOm/nRNvtEj4I+mYgCCiLmbaEs+c3MSQl/HxhShrBQSN+rad8k5
|
||||||
7RFGpjGXcYlTaUoH5SYcdXpmvcFMhE2a8Hn+W9D+icrtS8atqDI=
|
fz2G1Xa5uhlEGr4xu/fxRR5mYBqWycsv2xdN0HOga/XboKR+Ooc=
|
||||||
=7mgn
|
=/Mm9
|
||||||
-----END PGP SIGNATURE-----
|
-----END PGP SIGNATURE-----
|
||||||
|
|||||||
Binary file not shown.
46
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202307-01.xml
vendored
Normal file
46
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202307-01.xml
vendored
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
|
||||||
|
<glsa id="202307-01">
|
||||||
|
<title>OpenSSH: Remote Code Execution</title>
|
||||||
|
<synopsis>Multiple vulnerbilities have been discovered in OpenSSH, the worst of which could result in remote code execution.</synopsis>
|
||||||
|
<product type="ebuild">openssh</product>
|
||||||
|
<announced>2023-07-20</announced>
|
||||||
|
<revised count="1">2023-07-20</revised>
|
||||||
|
<bug>892936</bug>
|
||||||
|
<bug>905299</bug>
|
||||||
|
<bug>910553</bug>
|
||||||
|
<access>remote</access>
|
||||||
|
<affected>
|
||||||
|
<package name="net-misc/openssh" auto="yes" arch="*">
|
||||||
|
<unaffected range="ge">9.3_p2</unaffected>
|
||||||
|
<vulnerable range="lt">9.3_p2</vulnerable>
|
||||||
|
</package>
|
||||||
|
</affected>
|
||||||
|
<background>
|
||||||
|
<p>OpenSSH is a free application suite consisting of server and clients that replace tools like telnet, rlogin, rcp and ftp with more secure versions offering additional functionality.</p>
|
||||||
|
</background>
|
||||||
|
<description>
|
||||||
|
<p>Multiple vulnerabilities have been discovered in OpenSSH. Please review the CVE identifiers referenced below for details.</p>
|
||||||
|
</description>
|
||||||
|
<impact type="high">
|
||||||
|
<p>Please review the CVE identifiers referenced below for details.</p>
|
||||||
|
</impact>
|
||||||
|
<workaround>
|
||||||
|
<p>CVE-2023-38408 can be worked around by avoiding connecting to untrusted servers with an SSH agent.</p>
|
||||||
|
</workaround>
|
||||||
|
<resolution>
|
||||||
|
<p>All OpenSSH users should upgrade to the latest version:</p>
|
||||||
|
|
||||||
|
<code>
|
||||||
|
# emerge --sync
|
||||||
|
# emerge --ask --oneshot --verbose ">=net-misc/openssh-9.3_p2"
|
||||||
|
</code>
|
||||||
|
</resolution>
|
||||||
|
<references>
|
||||||
|
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-25136">CVE-2023-25136</uri>
|
||||||
|
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-28531">CVE-2023-28531</uri>
|
||||||
|
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-38408">CVE-2023-38408</uri>
|
||||||
|
</references>
|
||||||
|
<metadata tag="requester" timestamp="2023-07-20T02:17:18.328897Z">sam</metadata>
|
||||||
|
<metadata tag="submitter" timestamp="2023-07-20T02:17:18.348364Z">sam</metadata>
|
||||||
|
</glsa>
|
||||||
@ -1 +1 @@
|
|||||||
Sat, 01 Jul 2023 06:39:53 +0000
|
Tue, 01 Aug 2023 06:40:00 +0000
|
||||||
|
|||||||
@ -1 +1 @@
|
|||||||
023c3018165ffad6f1f6a874561e1c3c555cb505 1685499625 2023-05-31T02:20:25+00:00
|
6394ef8ae23b1cf183b45b603eceea6389a3c371 1689819508 2023-07-20T02:18:28+00:00
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user