diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest b/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest
index 96a62a9cda..92a8f84969 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest
@@ -1,23 +1,23 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA512
 
-MANIFEST Manifest.files.gz 465570 BLAKE2B a62e99817e32fd8ff7f82db3f63ecd455d8d078254d12926bca9349cd7d4cb7525d19b5ca213653d7ca3a28e5f51b7e4f978944f6a7c39fec3994650ada13ff2 SHA512 ee24891578ae08c29634185ea42adbf62dff9fd502bd411c413a0b0088f0d305dd4dba72180ac6793f6d434a7cc1a30d883831d3d40443eae468994ac283a7ef
-TIMESTAMP 2020-05-15T14:08:26Z
+MANIFEST Manifest.files.gz 517807 BLAKE2B 2ecdb63e9cfe1a1b71d23ab4fe58b057928be5a410ab9012b87ec1e7c917af227099229248e5b2c7dc5b25edb96e4adad920259d956349d0ecbb204178f8da2c SHA512 4ca9cc06a8ae7d4eefdd8a435b92f1f4e675295b618afdb11cf1d7f45b49f0fd5137f7f0c81b60933a8b942fe25de9928a9f4ffe0d5968bae8eae39c95a7da50
+TIMESTAMP 2021-09-03T09:39:09Z
 -----BEGIN PGP SIGNATURE-----
 
-iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAl6+olpfFIAAAAAALgAo
+iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmEx7T1fFIAAAAAALgAo
 aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
 RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
-klBInA//UsEYg3X87qjYposFYkbACD9iS4i63RKctLCgMXD3wNQLH2hP6A3CmAQT
-rEuWnPDuWyWJ7NX7RlWWO0IsNn6lcy628Aw/h4fpM8t0NvtmnZflyt1tXznmez/i
-0Ws4eyP86Kygz+wBfLWeqc+rKY2GHcB+BtY99SxZ9dr9XoK8/DaLbpN7Af1ljkmK
-pdLRKW04PMMUVAoLTolqK5C2SoveY/AkjH6MA4+oKuaQtTQVCjnfgB3O8RumrdBK
-WdWPyDR2W45Bp0a25pFcBcIb8KQdbKk8Rr3c/7rpae7UUG62aKzHo6Ej1d5Ih81B
-FWtN2cKeUKSrI5FY8oZnZGVfhzJjKGkTwYm6SsNJ9Oa01/Lt/Vb5RBRgozhdVUdj
-3zihSZ+2h3JJlo/FGLUnqFK8oihZ21wPdztkWre5moVaQ3gg9DIOSl6w5+MT7gqc
-X6qkpkAOxxsKz/EiVJHPqtdzEAwLAGK15qoaiKxoHFHqGDrPjTyWA+qcrZmUo9l8
-MfJ1KPMT+O9uWaOaA4Pnp2enS13q2XpzcoRcsYBKomFezDBOjuZ/Yrq3Cr21ABp+
-rxdlMO1tV0C992S7W9KxEZGHYNaP0kUkIR/jtLWsaTabVqiSJe6IZGsypr8SbEiU
-wISVxlE6KbWGSJmaP/F7e7MnBckTOrLB0vx41r/9+kZbR1whfRQ=
-=VfoR
+klDDdg/9E3xzbHQflhxbmbSuYxUQw+5moNxqX0RH7/BlcY/jtIzF4trigK8Sq+eQ
+zawPG+Z46e42+9llPtTeJ/S9fThrYfbJ2F8bw3QlQT6bdwOsi+Gm0x2taeLJM42L
+5TQUDlSsB9V0Q41nNpqBn4KKrz7KeSd0B6EFOtgyjIivAR6IiDpn6t8XHHQUAcDt
+MqeWOU1AuDvR3spVwNIXiC3nX8hn9LnPk2F/N3tmxAT1IctmW0mZtNxhlbEa48Le
+h/ESWkPqsPno/OGGby+qsXyS1+29LFq4dYin+zl9qOdFoqJ/FcbpYYajz7Kg4fT+
+Rt71hIBC9e6N4Vruyj4TGp1UyuQ95W8ff0fuuUGV02dsGZCgN1qdW8RD6x+LtAGn
+ee5tLam28eFy6n2M3ACaKdgGfUCQs5UozjR9/KjGjf5ZzMt1O0DYOkGK3lOx90jJ
+9R04NMl4lN6NqyzqEn0Gr6ljMyjhXP2VYaqQqtu0ybAezVenIV+xXw99WuA0IUYJ
+KEzFaKCB/D4tj6IidGvz3/Zk+Asa1+VxlZ3GoT9jkG4E93doQQk7mcWpulADxYwI
+1VYd/u/8ud8LLe6Yq61DZRnoAIyQJYhX8Ij2d54uD+G1vz/Oa+o0nk3yCcJl/Pjj
+A1vjJG4Be5NsoFJUVQaxiNcfN0KxGx6Z5RPgGMYlGhkSIjsw56U=
+=plvA
 -----END PGP SIGNATURE-----
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest.files.gz b/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest.files.gz
index 192d458f15..fb3d67f101 100644
Binary files a/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest.files.gz and b/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest.files.gz differ
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200503-22.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200503-22.xml
index dcd5c2142e..5bedbe96fb 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200503-22.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200503-22.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200503-22">
-  <title>KDE: Local Denial of Service</title>
+  <title>KDE: Local Denial of service</title>
   <synopsis>
     KDE is vulnerable to a local Denial of Service attack.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200503-33.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200503-33.xml
index c2229fc7fb..1ef5171273 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200503-33.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200503-33.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200503-33">
-  <title>IPsec-Tools: racoon Denial of Service</title>
+  <title>IPsec-Tools: racoon Denial of service</title>
   <synopsis>
     IPsec-Tools' racoon is affected by a remote Denial of Service vulnerability.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200601-16.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200601-16.xml
index ac2bc802e3..0c4f496882 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200601-16.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200601-16.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200601-16">
-  <title>MyDNS: Denial of Service</title>
+  <title>MyDNS: Denial of service</title>
   <synopsis>
     MyDNS contains a vulnerability that may lead to a Denial of Service attack.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200603-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200603-11.xml
index 90b33f414f..0585a3400a 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200603-11.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200603-11.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200603-11">
-  <title>Freeciv: Denial of Service</title>
+  <title>Freeciv: Denial of service</title>
   <synopsis>
     A memory allocation bug in Freeciv allows a remote attacker to perform a
     Denial of Service attack.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200604-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200604-09.xml
index e680ddc0e8..fb77749e58 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200604-09.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200604-09.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200604-09">
-  <title>Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service</title>
+  <title>Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of service</title>
   <synopsis>
     Cyrus-SASL contains a vulnerability in the DIGEST-MD5 process that could
     lead to a Denial of Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200605-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200605-11.xml
index 62de66a80b..3cee0b37ef 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200605-11.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200605-11.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200605-11">
-  <title>Ruby: Denial of Service</title>
+  <title>Ruby: Denial of service</title>
   <synopsis>
     Ruby WEBrick and XMLRPC servers are vulnerable to Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200606-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200606-11.xml
index a58e8de973..c4ad483ce0 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200606-11.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200606-11.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200606-11">
-  <title>JPEG library: Denial of Service</title>
+  <title>JPEG library: Denial of service</title>
   <synopsis>
     The JPEG library is vulnerable to a Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200606-19.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200606-19.xml
index c0fec98a63..1c54e139b6 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200606-19.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200606-19.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200606-19">
-  <title>Sendmail: Denial of Service</title>
+  <title>Sendmail: Denial of service</title>
   <synopsis>
     Faulty multipart MIME messages can cause forked Sendmail processes to
     crash.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200606-26.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200606-26.xml
index 22e4caf92e..ce147a2f36 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200606-26.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200606-26.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200606-26">
-  <title>EnergyMech: Denial of Service</title>
+  <title>EnergyMech: Denial of service</title>
   <synopsis>
     A Denial of Service vulnerability was discovered in EnergyMech that is
     easily exploitable via IRC.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200608-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200608-09.xml
index ba8779a96c..85072294a7 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200608-09.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200608-09.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200608-09">
-  <title>MySQL: Denial of Service</title>
+  <title>MySQL: Denial of service</title>
   <synopsis>
     An authenticated user can crash MySQL through invalid parameters to the
     date_format function.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200608-23.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200608-23.xml
index a93902eb2e..2fc97981e5 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200608-23.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200608-23.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200608-23">
-  <title>Heartbeat: Denial of Service</title>
+  <title>Heartbeat: Denial of service</title>
   <synopsis>
     Heartbeat is vulnerable to a Denial of Service which can be triggered by a
     remote attacker without authentication.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200609-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200609-03.xml
index bfc9021743..92a3af875a 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200609-03.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200609-03.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200609-03">
-  <title>OpenTTD: Remote Denial of Service</title>
+  <title>OpenTTD: Remote Denial of service</title>
   <synopsis>
     The OpenTTD server is vulnerable to a remote Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200609-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200609-11.xml
index 2ac89d018f..bc717d5570 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200609-11.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200609-11.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200609-11">
-  <title>BIND: Denial of Service</title>
+  <title>BIND: Denial of service</title>
   <synopsis>
     ISC BIND contains two vulnerabilities allowing a Denial of Service under
     certain conditions.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200609-17.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200609-17.xml
index 7533659d3e..3a4a79d4b4 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200609-17.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200609-17.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200609-17">
-  <title>OpenSSH: Denial of Service</title>
+  <title>OpenSSH: Denial of service</title>
   <synopsis>
     A flaw in the OpenSSH daemon allows remote unauthenticated attackers to
     cause a Denial of Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200609-20.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200609-20.xml
index 2764e38d94..d1b853bc63 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200609-20.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200609-20.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200609-20">
-  <title>DokuWiki: Shell command injection and Denial of Service</title>
+  <title>DokuWiki: Shell command injection and Denial of service</title>
   <synopsis>
     DokuWiki is vulnerable to shell command injection and Denial of Service
     attacks when using ImageMagick.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200611-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200611-09.xml
index e920101985..1dec8d5fbb 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200611-09.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200611-09.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200611-09">
-  <title>libpng: Denial of Service</title>
+  <title>libpng: Denial of service</title>
   <synopsis>
     A vulnerability in libpng may allow a remote attacker to crash applications
     that handle untrusted images.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200612-18.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200612-18.xml
index 1a43445064..5ed634ad43 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200612-18.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200612-18.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200612-18">
-  <title>ClamAV: Denial of Service</title>
+  <title>ClamAV: Denial of service</title>
   <synopsis>
     ClamAV is vulnerable to Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200701-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200701-01.xml
index 7f9efc3a29..2671dcd809 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200701-01.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200701-01.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200701-01">
-  <title>DenyHosts: Denial of Service</title>
+  <title>DenyHosts: Denial of service</title>
   <synopsis>
     DenyHosts does not correctly parse log entries, potentially causing a
     remote Denial of Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200701-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200701-05.xml
index 48768ef296..37c4f19e04 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200701-05.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200701-05.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200701-05">
-  <title>KDE kfile JPEG info plugin: Denial of Service</title>
+  <title>KDE kfile JPEG info plugin: Denial of service</title>
   <synopsis>
     The KDE kfile JPEG info plugin of kdegraphics could enter an endless loop
     leading to a Denial of Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200701-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200701-09.xml
index 35197acf50..c2c0ae1fe2 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200701-09.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200701-09.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200701-09">
-  <title>oftpd: Denial of Service</title>
+  <title>oftpd: Denial of service</title>
   <synopsis>
     An assertion in oftpd could lead to a denial of service vulnerability.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200701-14.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200701-14.xml
index f3dff2ebb7..8fc60c481f 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200701-14.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200701-14.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200701-14">
-  <title>Mod_auth_kerb: Denial of Service</title>
+  <title>Mod_auth_kerb: Denial of service</title>
   <synopsis>
     Mod_auth_kerb is vulnerable to a buffer overflow possibly allowing a Denial
     of Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200702-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200702-03.xml
index 22952e8493..11a93ad716 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200702-03.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200702-03.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200702-03">
-  <title>Snort: Denial of Service</title>
+  <title>Snort: Denial of service</title>
   <synopsis>
     Snort contains a vulnerability in the rule matching algorithm that could
     result in a Denial of Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200702-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200702-05.xml
index 0f8a14baba..98d513b6fd 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200702-05.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200702-05.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200702-05">
-  <title>Fail2ban: Denial of Service</title>
+  <title>Fail2ban: Denial of service</title>
   <synopsis>
     A flaw in Fail2ban may allow remote attackers to deny access to arbitrary
     hosts.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200702-06.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200702-06.xml
index 3e3f503e4e..1f3c0b9369 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200702-06.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200702-06.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200702-06">
-  <title>BIND: Denial of Service</title>
+  <title>BIND: Denial of service</title>
   <synopsis>
     ISC BIND contains two vulnerabilities allowing a Denial of Service under
     certain conditions.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-02.xml
index 9785ebf3dc..7c75cc5b2b 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-02.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-02.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200703-02">
-  <title>SpamAssassin: Long URI Denial of Service</title>
+  <title>SpamAssassin: Long URI Denial of service</title>
   <synopsis>
     SpamAssassin is vulnerable to a Denial of Service attack.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-03.xml
index 8a543ec90f..408b8fb5cf 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-03.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-03.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200703-03">
-  <title>ClamAV: Denial of Service</title>
+  <title>ClamAV: Denial of service</title>
   <synopsis>
     ClamAV contains two vulnerabilities allowing a Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-12.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-12.xml
index be1d5010c7..c6ed3db7e6 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-12.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-12.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200703-12">
-  <title>SILC Server: Denial of Service</title>
+  <title>SILC Server: Denial of service</title>
   <synopsis>
     SILC Server is affected by a Denial of Service vulnerability.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-14.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-14.xml
index b2fcc2b2d9..49cc182ad3 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-14.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-14.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200703-14">
-  <title>Asterisk: SIP Denial of Service</title>
+  <title>Asterisk: SIP Denial of service</title>
   <synopsis>
     Asterisk is vulnerable to Denial of Service in the SIP channel.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-27.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-27.xml
index 4f7898a76e..5d1bddf411 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-27.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-27.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200703-27">
-  <title>Squid: Denial of Service</title>
+  <title>Squid: Denial of service</title>
   <synopsis>
     Squid is affected by a Denial of Service vulnerability.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-28.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-28.xml
index 1004180daa..5e2265c331 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-28.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200703-28.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200703-28">
-  <title>CUPS: Denial of Service</title>
+  <title>CUPS: Denial of service</title>
   <synopsis>
     CUPS incorrectly handles partially-negotiated SSL connections allowing for
     a Denial of Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200704-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200704-11.xml
index 3f9ab070a1..c8ff587f0f 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200704-11.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200704-11.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200704-11">
-  <title>Vixie Cron: Denial of Service</title>
+  <title>Vixie Cron: Denial of service</title>
   <synopsis>
     The Gentoo implementation of Vixie Cron is vulnerable to a local Denial of
     Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200704-13.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200704-13.xml
index e41f921b22..28ebd44ba7 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200704-13.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200704-13.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200704-13">
-  <title>File: Denial of Service</title>
+  <title>File: Denial of service</title>
   <synopsis>
     A vulnerability has been discovered in file allowing for a denial of
     service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200704-14.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200704-14.xml
index e4e6fe5c70..5c7ec666f4 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200704-14.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200704-14.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200704-14">
-  <title>FreeRADIUS: Denial of Service</title>
+  <title>FreeRADIUS: Denial of service</title>
   <synopsis>
     A memory leak has been discovered in FreeRADIUS, possibly allowing for a
     Denial of Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200704-22.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200704-22.xml
index d8e3e96f32..3a176a3c6f 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200704-22.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200704-22.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200704-22">
-  <title>BEAST: Denial of Service</title>
+  <title>BEAST: Denial of service</title>
   <synopsis>
     A vulnerability has been discovered in BEAST allowing for a Denial of
     Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200705-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200705-04.xml
index 5978092a4c..30a4532283 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200705-04.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200705-04.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200705-04">
-  <title>Apache mod_perl: Denial of Service</title>
+  <title>Apache mod_perl: Denial of service</title>
   <synopsis>
     The mod_perl Apache module is vulnerable to a Denial of Service when
     processing regular expressions.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200705-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200705-05.xml
index 6d950b3cfe..18bccf17f9 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200705-05.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200705-05.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200705-05">
-  <title>Quagga: Denial of Service</title>
+  <title>Quagga: Denial of service</title>
   <synopsis>
     A vulnerability has been discovered in Quagga allowing for a Denial of
     Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200705-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200705-09.xml
index 577098b4b9..65861b5fe6 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200705-09.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200705-09.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200705-09">
-  <title>IPsec-Tools: Denial of Service</title>
+  <title>IPsec-Tools: Denial of service</title>
   <synopsis>
     IPsec-Tools contains a vulnerability that allows a remote attacker to crash
     the IPsec tunnel.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200705-24.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200705-24.xml
index 6479d816ed..de581b3b95 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200705-24.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200705-24.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200705-24">
-  <title>libpng: Denial of Service</title>
+  <title>libpng: Denial of service</title>
   <synopsis>
     A vulnerability in libpng may allow a remote attacker to crash applications
     that handle untrusted images.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200707-13.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200707-13.xml
index ce5738fe43..b453866225 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200707-13.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200707-13.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200707-13">
-  <title>Fail2ban: Denial of Service</title>
+  <title>Fail2ban: Denial of service</title>
   <synopsis>
     Fail2ban is vulnerable to a Denial of Service attack.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200708-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200708-04.xml
index 6a40c42514..6dfe88cabe 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200708-04.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200708-04.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200708-04">
-  <title>ClamAV: Denial of Service</title>
+  <title>ClamAV: Denial of service</title>
   <synopsis>
     A vulnerability has been discovered in ClamAV, allowing for a Denial of
     Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200708-14.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200708-14.xml
index c508dda3b7..99f8ebbbac 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200708-14.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200708-14.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200708-14">
-  <title>NVIDIA drivers: Denial of Service</title>
+  <title>NVIDIA drivers: Denial of service</title>
   <synopsis>
     A vulnerability has been discovered in the NVIDIA graphic drivers, allowing
     for a Denial of Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200709-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200709-11.xml
index 08bd14227d..9eafab06f7 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200709-11.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200709-11.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200709-11">
-  <title>GDM: Local Denial of Service</title>
+  <title>GDM: Local Denial of service</title>
   <synopsis>
     GDM can be crashed by a local user, preventing it from managing future
     displays.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200710-14.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200710-14.xml
index 43b9e66728..62556ffae5 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200710-14.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200710-14.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200710-14">
-  <title>DenyHosts: Denial of Service</title>
+  <title>DenyHosts: Denial of service</title>
   <synopsis>
     DenyHosts does not correctly parse log entries, potentially causing a
     remote Denial of Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200711-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200711-09.xml
index 74f22b4a61..d1157db456 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200711-09.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200711-09.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200711-09">
-  <title>MadWifi: Denial of Service</title>
+  <title>MadWifi: Denial of service</title>
   <synopsis>
     MadWifi does not correctly process beacon frames which can lead to a
     remotely triggered Denial of Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200711-13.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200711-13.xml
index 173e6eee72..b5fae92bd6 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200711-13.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200711-13.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200711-13">
-  <title>3proxy: Denial of Service</title>
+  <title>3proxy: Denial of service</title>
   <synopsis>
     A vulnerability has been discovered in 3proxy, possibly resulting in a
     Denial of Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200711-25.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200711-25.xml
index 76d1de6e64..2f8d6ecd06 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200711-25.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200711-25.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200711-25">
-  <title>MySQL: Denial of Service</title>
+  <title>MySQL: Denial of service</title>
   <synopsis>
     A Denial of Service vulnerability was found in MySQL.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200711-31.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200711-31.xml
index 648863f135..c2ad71fe74 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200711-31.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200711-31.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200711-31">
-  <title>Net-SNMP: Denial of Service</title>
+  <title>Net-SNMP: Denial of service</title>
   <synopsis>
     A Denial of Service vulnerability has been discovered in Net-SNMP when
     processing GETBULK requests.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200712-12.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200712-12.xml
index 7c3efd5ec3..80c56b1811 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200712-12.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200712-12.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200712-12">
-  <title>IRC Services: Denial of Service</title>
+  <title>IRC Services: Denial of service</title>
   <synopsis>
     A Denial of Service vulnerability has been reported in IRC Services.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200712-19.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200712-19.xml
index 0f6a2b97d9..0068fec39b 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200712-19.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200712-19.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200712-19">
-  <title>Syslog-ng: Denial of Service</title>
+  <title>Syslog-ng: Denial of service</title>
   <synopsis>
     A Denial of Service vulnerability has been discovered in Syslog-ng.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-04.xml
index d3e4a272fc..8cfc9c9fd3 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-04.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-04.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200801-04">
-  <title>OpenAFS: Denial of Service</title>
+  <title>OpenAFS: Denial of service</title>
   <synopsis>
     A Denial of Service vulnerability has been discovered in OpenAFS.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-05.xml
index b859a1c011..f24ca70c44 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-05.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-05.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200801-05">
-  <title>Squid: Denial of Service</title>
+  <title>Squid: Denial of service</title>
   <synopsis>
     A Denial of Service vulnerability has been reported in Squid.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-13.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-13.xml
index 3ebdb971b5..387976aae9 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-13.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-13.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200801-13">
-  <title>ngIRCd: Denial of Service</title>
+  <title>ngIRCd: Denial of service</title>
   <synopsis>
     ngIRCd does not properly sanitize commands sent by users, allowing for a
     Denial of Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-16.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-16.xml
index 875199ea73..1613eb4540 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-16.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-16.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200801-16">
-  <title>MaraDNS: CNAME Denial of Service</title>
+  <title>MaraDNS: CNAME Denial of service</title>
   <synopsis>
     MaraDNS is prone to a Denial of Service vulnerability impacting CNAME
     resolution.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-17.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-17.xml
index 9e4f8f009d..641d7c5e38 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-17.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-17.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200801-17">
-  <title>Netkit FTP Server: Denial of Service</title>
+  <title>Netkit FTP Server: Denial of service</title>
   <synopsis>
     Netkit FTP Server contains a Denial of Service vulnerability.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-20.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-20.xml
index d46c67897e..a691335980 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-20.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200801-20.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200801-20">
-  <title>libxml2: Denial of Service</title>
+  <title>libxml2: Denial of service</title>
   <synopsis>
     A Denial of Service vulnerability has been reported in libxml2.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200802-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200802-08.xml
index 60f2a9054f..34f5fae290 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200802-08.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200802-08.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200802-08">
-  <title>Boost: Denial of Service</title>
+  <title>Boost: Denial of service</title>
   <synopsis>
     Two vulnerabilities have been reported in Boost, each one possibly
     resulting in a Denial of Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200803-22.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200803-22.xml
index 00c1b30f8e..9e0f0c9515 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200803-22.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200803-22.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200803-22">
-  <title>LIVE555 Media Server: Denial of Service</title>
+  <title>LIVE555 Media Server: Denial of service</title>
   <synopsis>
     A Denial of Service vulnerability has been reported in LIVE555 Media
     Server.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200803-32.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200803-32.xml
index cc5d432c44..daa30e7488 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200803-32.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200803-32.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200803-32">
-  <title>Wireshark: Denial of Service</title>
+  <title>Wireshark: Denial of service</title>
   <synopsis>
     Multiple Denial of Service vulnerabilities have been discovered in
     Wireshark.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200804-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200804-02.xml
index 29c4052825..c6f4d547ca 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200804-02.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200804-02.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200804-02">
-  <title>bzip2: Denial of Service</title>
+  <title>bzip2: Denial of service</title>
   <synopsis>
     A buffer overread vulnerability has been discovered in Bzip2.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200804-19.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200804-19.xml
index ec5409c1e7..44b2e47761 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200804-19.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200804-19.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200804-19">
-  <title>PHP Toolkit: Data disclosure and Denial of Service</title>
+  <title>PHP Toolkit: Data disclosure and Denial of service</title>
   <synopsis>
     PHP Toolkit does not quote parameters, allowing for PHP source code
     disclosure on Apache, and a Denial of Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200804-26.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200804-26.xml
index 152bb1ead8..9ef4614933 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200804-26.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200804-26.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200804-26">
-  <title>Openfire: Denial of Service</title>
+  <title>Openfire: Denial of service</title>
   <synopsis>
     A design error in Openfire might lead to a Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200805-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200805-05.xml
index e10026a9b8..ee55e151f1 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200805-05.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200805-05.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200805-05">
-  <title>Wireshark: Denial of Service</title>
+  <title>Wireshark: Denial of service</title>
   <synopsis>
     Multiple Denial of Service vulnerabilities have been discovered in
     Wireshark.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200805-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200805-08.xml
index b966afc4e5..02e9b52498 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200805-08.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200805-08.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200805-08">
-  <title>InspIRCd: Denial of Service</title>
+  <title>InspIRCd: Denial of service</title>
   <synopsis>
     A buffer overflow in InspIRCd allows remote attackers to cause a Denial of
     Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200805-15.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200805-15.xml
index 8b7c2bfc9f..96643bbef6 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200805-15.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200805-15.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200805-15">
-  <title>libid3tag: Denial of Service</title>
+  <title>libid3tag: Denial of service</title>
   <synopsis>
     A Denial of Service vulnerability was found in libid3tag.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200806-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200806-08.xml
index 07c01edbac..d0c5a77a54 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200806-08.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200806-08.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200806-08">
-  <title>OpenSSL: Denial of Service</title>
+  <title>OpenSSL: Denial of service</title>
   <synopsis>
     Two vulnerabilities might allow for a Denial of Service of daemons using
     OpenSSL.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200807-06.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200807-06.xml
index 6febbf8e29..4c8f81534f 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200807-06.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200807-06.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200807-06">
-  <title>Apache: Denial of Service</title>
+  <title>Apache: Denial of service</title>
   <synopsis>
     Multiple vulnerabilities in Apache might lead to a Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200808-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200808-04.xml
index 65dc75fa10..56e32abcfd 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200808-04.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200808-04.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200808-04">
-  <title>Wireshark: Denial of Service</title>
+  <title>Wireshark: Denial of service</title>
   <synopsis>
     Multiple Denial of Service vulnerabilities have been discovered in
     Wireshark.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200808-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200808-05.xml
index 7ca04ba842..eb4a3291ba 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200808-05.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200808-05.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200808-05">
-  <title>ISC DHCP: Denial of Service</title>
+  <title>ISC DHCP: Denial of service</title>
   <synopsis>
     A Denial of Service vulnerability was discovered in ISC DHCP.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200809-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200809-09.xml
index 86b8b82925..dbcb6a4033 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200809-09.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200809-09.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200809-09">
-  <title>Postfix: Denial of Service</title>
+  <title>Postfix: Denial of service</title>
   <synopsis>
     A memory leak in Postfix might allow local users to cause a Denial of
     Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200809-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200809-11.xml
index d2b3e8b6ed..d52daa78b5 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200809-11.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200809-11.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200809-11">
-  <title>HAVP: Denial of Service</title>
+  <title>HAVP: Denial of service</title>
   <synopsis>
     A Denial of Service vulnerability has been reported in HAVP.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200812-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200812-03.xml
index 64a9b2625c..18468b710e 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200812-03.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200812-03.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200812-03">
-  <title>IPsec-Tools: racoon Denial of Service</title>
+  <title>IPsec-Tools: racoon Denial of service</title>
   <synopsis>
     IPsec-Tools' racoon is affected by a remote Denial of Service
     vulnerability.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200901-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200901-04.xml
index db1df4fc44..216cca9b51 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200901-04.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200901-04.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200901-04">
-  <title>D-Bus: Denial of Service</title>
+  <title>D-Bus: Denial of service</title>
   <synopsis>
     An error condition can cause D-Bus to crash.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200901-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200901-11.xml
index 3321fd6e7e..4a5984b720 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200901-11.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200901-11.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200901-11">
-  <title>Avahi: Denial of Service</title>
+  <title>Avahi: Denial of service</title>
   <synopsis>
     A Denial of Service vulnerability has been discovered in Avahi.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200901-15.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200901-15.xml
index 41fba986c0..f76b93c35a 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200901-15.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200901-15.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200901-15">
-  <title>Net-SNMP: Denial of Service</title>
+  <title>Net-SNMP: Denial of service</title>
   <synopsis>
     A vulnerability in Net-SNMP could lead to a Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200903-13.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200903-13.xml
index d806329896..fc0f88cdaa 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200903-13.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200903-13.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200903-13">
-  <title>MPFR: Denial of Service</title>
+  <title>MPFR: Denial of service</title>
   <synopsis>
     Multiple buffer overflows in MPFR might lead to a Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200903-19.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200903-19.xml
index ad6e89cfac..695675b087 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200903-19.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200903-19.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200903-19">
-  <title>Xerces-C++: Denial of Service</title>
+  <title>Xerces-C++: Denial of service</title>
   <synopsis>
     An error in Xerces-C++ allows for a Denial of Service via malicious XML
     schema files.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200903-40.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200903-40.xml
index 5f8c75c50b..2cebd0751e 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200903-40.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200903-40.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200903-40">
-  <title>Analog: Denial of Service</title>
+  <title>Analog: Denial of service</title>
   <synopsis>
     A Denial of Service vulnerability was discovered in Analog.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200904-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200904-04.xml
index 6c52deb11a..872ca9feab 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200904-04.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200904-04.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200904-04">
-  <title>WeeChat: Denial of Service</title>
+  <title>WeeChat: Denial of service</title>
   <synopsis>
     A processing error in WeeChat might lead to a Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200904-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200904-08.xml
index f3139bf89b..fc55291362 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200904-08.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200904-08.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200904-08">
-  <title>OpenSSL: Denial of Service</title>
+  <title>OpenSSL: Denial of service</title>
   <synopsis>
     An error in OpenSSL might allow for a Denial of Service when printing
     certificate details.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200904-10.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200904-10.xml
index 193c67427b..fcb96cd0ec 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200904-10.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200904-10.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200904-10">
-  <title>Avahi: Denial of Service</title>
+  <title>Avahi: Denial of service</title>
   <synopsis>
     An error in Avahi might lead to a Denial of Service via network and CPU
     consumption.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200904-13.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200904-13.xml
index 9764bf9415..ae0a94d91e 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200904-13.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200904-13.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200904-13">
-  <title>Ventrilo: Denial of Service</title>
+  <title>Ventrilo: Denial of service</title>
   <synopsis>
     A vulnerability has been discovered in Ventrilo, allowing for a Denial of
     Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200905-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200905-03.xml
index 75e027433c..df09584c41 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200905-03.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200905-03.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200905-03">
-  <title>IPSec Tools: Denial of Service</title>
+  <title>IPSec Tools: Denial of service</title>
   <synopsis>
     Multiple errors in the IPSec Tools racoon daemon might allow remote
     attackers to cause a Denial of Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200905-06.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200905-06.xml
index f0daa27a27..714676172c 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200905-06.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200905-06.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200905-06">
-  <title>acpid: Denial of Service</title>
+  <title>acpid: Denial of service</title>
   <synopsis>
     An error in acpid might allow remote attackers to cause a Denial of
     Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200906-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200906-02.xml
index 9a9e750e1a..257a1415bd 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200906-02.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200906-02.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200906-02">
-  <title>Ruby: Denial of Service</title>
+  <title>Ruby: Denial of service</title>
   <synopsis>
     A flaw in the Ruby standard library might allow remote attackers to cause a
     Denial of Service attack.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200907-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200907-02.xml
index d9211d2c82..beec6bcaba 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200907-02.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200907-02.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200907-02">
-  <title>ModSecurity: Denial of Service</title>
+  <title>ModSecurity: Denial of service</title>
   <synopsis>
     Two vulnerabilities in ModSecurity might lead to a Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200907-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200907-05.xml
index 265b7af3e6..d506ec04c3 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200907-05.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200907-05.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200907-05">
-  <title>git: git-daemon Denial of Service</title>
+  <title>git: git-daemon Denial of service</title>
   <synopsis>
     An error in git-daemon might lead to a Denial of Service via resource
     consumption.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200908-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200908-02.xml
index 71c2cc9cba..77eac4fc16 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200908-02.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200908-02.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200908-02">
-  <title>BIND: Denial of Service</title>
+  <title>BIND: Denial of service</title>
   <synopsis>
     Dynamic Update packets can cause a Denial of Service in the BIND daemon.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200908-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200908-07.xml
index d6fea11da9..5a3d87de1b 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200908-07.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200908-07.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200908-07">
-  <title>Perl Compress::Raw modules: Denial of Service</title>
+  <title>Perl Compress::Raw modules: Denial of service</title>
   <synopsis>
     An off-by-one error in Compress::Raw::Zlib and Compress::Raw::Bzip2 might
     lead to a Denial of Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200908-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200908-08.xml
index 0ccedf026c..4b5a418e28 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200908-08.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200908-08.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200908-08">
-  <title>ISC DHCP: dhcpd Denial of Service</title>
+  <title>ISC DHCP: dhcpd Denial of service</title>
   <synopsis>
     dhcpd as included in the ISC DHCP implementation does not properly handle
     special conditions, leading to a Denial of Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200909-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200909-05.xml
index 40704e5ada..a398bc011e 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200909-05.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200909-05.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200909-05">
-  <title>Openswan: Denial of Service</title>
+  <title>Openswan: Denial of service</title>
   <synopsis>
     Multiple vulnerabilities in the pluto IKE daemon of Openswan might allow
     remote attackers to cause a Denial of Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200909-16.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200909-16.xml
index 851049fae1..64761d810e 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200909-16.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200909-16.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="200909-16">
-  <title>Wireshark: Denial of Service</title>
+  <title>Wireshark: Denial of service</title>
   <synopsis>
     Multiple vulnerabilities have been discovered in Wireshark which allow for
     Denial of Service.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201001-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201001-01.xml
index fb7fd3c0c5..a463491468 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201001-01.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201001-01.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201001-01">
-  <title>NTP: Denial of Service</title>
+  <title>NTP: Denial of service</title>
   <synopsis>
     A Denial of Service condition in ntpd can cause excessive CPU or bandwidth
     consumption.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201006-17.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201006-17.xml
index ab4d122e45..32888ad18a 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201006-17.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201006-17.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201006-17">
-  <title>lighttpd: Denial of Service</title>
+  <title>lighttpd: Denial of service</title>
   <synopsis>
     A processing error in lighttpd might result in a Denial of Service
     condition.
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201009-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201009-07.xml
index 46008757c7..1500716099 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201009-07.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201009-07.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201009-07">
-  <title>libxml2: Denial of Service</title>
+  <title>libxml2: Denial of service</title>
   <synopsis>
     Multiple Denial of Services vulnerabilities were found in libxml2.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201110-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201110-07.xml
index 9a25d95636..8d7182803f 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201110-07.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201110-07.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201110-07">
-  <title>vsftpd: Denial of Service</title>
+  <title>vsftpd: Denial of service</title>
   <synopsis>A Denial of Service vulnerability was found in vsftpd.</synopsis>
   <product type="ebuild">vsftpd</product>
   <announced>2011-10-10</announced>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201110-12.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201110-12.xml
index 7062b51845..90c7062201 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201110-12.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201110-12.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201110-12">
-  <title>Unbound: Denial of Service</title>
+  <title>Unbound: Denial of service</title>
   <synopsis>Multiple Denial of Service vulnerabilities were found in Unbound.</synopsis>
   <product type="ebuild">unbound</product>
   <announced>2011-10-15</announced>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201110-17.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201110-17.xml
index ea0e65c2c6..47fefb9d03 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201110-17.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201110-17.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201110-17">
-  <title>Avahi: Denial of Service</title>
+  <title>Avahi: Denial of service</title>
   <synopsis>Multiple vulnerabilities were found in Avahi, allowing for Denial
     of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201202-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201202-03.xml
index 3baeb6dd9e..0da4cebd6c 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201202-03.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201202-03.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201202-03">
-  <title>MaraDNS: Denial of Service</title>
+  <title>MaraDNS: Denial of service</title>
   <synopsis>A hash collision vulnerability in MaraDNS allows remote attackers
     to cause a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201202-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201202-04.xml
index 280556e84d..96096d8090 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201202-04.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201202-04.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201202-04">
-  <title>PowerDNS: Denial of Service</title>
+  <title>PowerDNS: Denial of service</title>
   <synopsis>A vulnerability in PowerDNS could allow a remote attacker to create
     a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201202-06.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201202-06.xml
index 18e40c3c20..f840c259f8 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201202-06.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201202-06.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201202-06">
-  <title>Asterisk: Denial of Service</title>
+  <title>Asterisk: Denial of service</title>
   <synopsis>A vulnerability in Asterisk could allow a remote attacker to cause
     a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201203-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201203-04.xml
index 0c57f93286..a7d5a7b852 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201203-04.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201203-04.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201203-04">
-  <title>libxml2: Denial of Service</title>
+  <title>libxml2: Denial of service</title>
   <synopsis>A hash collision vulnerability in libxml2 allows remote attackers
     to cause a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201203-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201203-05.xml
index 95ac56dff1..17d12d9339 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201203-05.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201203-05.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201203-05">
-  <title>Rack: Denial of Service</title>
+  <title>Rack: Denial of service</title>
   <synopsis>A hash collision vulnerability in Rack allows remote attackers to
     cause a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201203-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201203-08.xml
index 0911c04697..bba0509f08 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201203-08.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201203-08.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201203-08">
-  <title>libxslt: Denial of Service</title>
+  <title>libxslt: Denial of service</title>
   <synopsis>A vulnerability in libxslt could result in Denial of Service.</synopsis>
   <product type="ebuild">libxslt</product>
   <announced>2012-03-06</announced>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201203-13.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201203-13.xml
index b276e27990..98d1f6edf9 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201203-13.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201203-13.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201203-13">
-  <title>Openswan: Denial of Service</title>
+  <title>Openswan: Denial of service</title>
   <synopsis>Multiple vulnerabilities in Openswan may create a Denial of Service
     condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201206-20.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201206-20.xml
index aeda09bcb1..ac53364d11 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201206-20.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201206-20.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201206-20">
-  <title>gdk-pixbuf: Denial of Service</title>
+  <title>gdk-pixbuf: Denial of service</title>
   <synopsis>Multiple vulnerabilities in gdk-pixbuf may create a Denial of
     Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201207-06.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201207-06.xml
index fc5aef2fca..3e4ce1c21d 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201207-06.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201207-06.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201207-06">
-  <title>JRuby: Denial of Service</title>
+  <title>JRuby: Denial of service</title>
   <synopsis>A hash collision vulnerability in JRuby allows remote attackers to
     cause a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201207-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201207-07.xml
index b7b19be392..1dbaabc348 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201207-07.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201207-07.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201207-07">
-  <title>Keepalived: Denial of Service</title>
+  <title>Keepalived: Denial of service</title>
   <synopsis>Keepalived uses world-writable PID files, allowing a local attacker
     to kill arbitrary processes.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201209-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201209-08.xml
index 320c8db037..e051dc3d8b 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201209-08.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201209-08.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201209-08">
-  <title>SquidClamav: Denial of Service</title>
+  <title>SquidClamav: Denial of service</title>
   <synopsis>A vulnerability in SquidClamav may result in Denial of Service.</synopsis>
   <product type="ebuild">squidclamav</product>
   <announced>2012-09-24</announced>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201209-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201209-09.xml
index 516acf6ab6..33a7516c26 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201209-09.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201209-09.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201209-09">
-  <title>Atheme IRC Services: Denial of Service</title>
+  <title>Atheme IRC Services: Denial of service</title>
   <synopsis>A vulnerability has been found in Atheme which may lead to Denial
     of Service or a bypass of security restrictions.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201209-12.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201209-12.xml
index 6d3624bc43..8fefa88559 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201209-12.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201209-12.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201209-12">
-  <title>Libtasn1: Denial of Service</title>
+  <title>Libtasn1: Denial of service</title>
   <synopsis>A vulnerability in Libtasn1 might cause a Denial of Service
     condition. 
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201209-14.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201209-14.xml
index 2e41c9e63e..16c0ffb00f 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201209-14.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201209-14.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201209-14">
-  <title>file: Denial of Service</title>
+  <title>file: Denial of service</title>
   <synopsis>A vulnerability in file could result in Denial of Service.</synopsis>
   <product type="ebuild">file</product>
   <announced>2012-09-26</announced>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201209-20.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201209-20.xml
index 19cf6109fe..69c91c77d8 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201209-20.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201209-20.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201209-20">
-  <title>mod_rpaf: Denial of Service</title>
+  <title>mod_rpaf: Denial of service</title>
   <synopsis>A vulnerability in mod_rpaf may result in Denial of Service.</synopsis>
   <product type="ebuild">mod_rpaf</product>
   <announced>2012-09-27</announced>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201301-06.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201301-06.xml
index c51e55f944..612b1dbab7 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201301-06.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201301-06.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201301-06">
-  <title>ISC DHCP: Denial of Service</title>
+  <title>ISC DHCP: Denial of service</title>
   <synopsis>Multiple vulnerabilities have been found in ISC DHCP, the worst of
     which may allow remote Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201308-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201308-02.xml
index bab7fa6e14..f5a0b5daeb 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201308-02.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201308-02.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201308-02">
-  <title>D-Bus: Denial of Service</title>
+  <title>D-Bus: Denial of service</title>
   <synopsis>A vulnerability has been found in D-Bus which allows a local user
     to cause a Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201309-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201309-01.xml
index 1bf4114b17..658ec5e207 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201309-01.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201309-01.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201309-01">
-  <title>Cyrus-SASL: Denial of Service</title>
+  <title>Cyrus-SASL: Denial of service</title>
   <synopsis>A NULL pointer dereference in Cyrus-SASL may allow remote attackers
     to cause a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201309-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201309-03.xml
index 983ce843dd..8625528ca7 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201309-03.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201309-03.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201309-03">
-  <title>Xlockmore: Denial of Service</title>
+  <title>Xlockmore: Denial of service</title>
   <synopsis>A buffer overflow in Xlockmore might allow remote attackers to
     cause a Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201311-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201311-04.xml
index e1730eca26..f32c058f87 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201311-04.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201311-04.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201311-04">
-  <title>Vixie cron: Denial of Service</title>
+  <title>Vixie cron: Denial of service</title>
   <synopsis>A vulnerability has been found in Vixie cron, allowing local
     attackers to conduct symlink attacks. 
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201311-18.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201311-18.xml
index 799c3ecf56..7d4c35954a 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201311-18.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201311-18.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201311-18">
-  <title>Unbound: Denial of Service</title>
+  <title>Unbound: Denial of service</title>
   <synopsis>Multiple Denial of Service vulnerabilities have been found in
     Unbound.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201312-15.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201312-15.xml
index 88f6a6288a..027a038d19 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201312-15.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201312-15.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201312-15">
-  <title>Tinyproxy: Denial of Service</title>
+  <title>Tinyproxy: Denial of service</title>
   <synopsis>A vulnerability has been found in Tinyproxy, allows remote
     attackers to cause a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201401-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201401-05.xml
index 2e856e71a1..e0504d2e70 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201401-05.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201401-05.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201401-05">
-  <title>ISC DHCP: Denial of Service</title>
+  <title>ISC DHCP: Denial of service</title>
   <synopsis>A memory exhaustion vulnerability in ISC DHCP could lead to Denial
     of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201401-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201401-07.xml
index c0e733e083..d7b49ab80c 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201401-07.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201401-07.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201401-07">
-  <title>libxslt: Denial of Service</title>
+  <title>libxslt: Denial of service</title>
   <synopsis>Multiple Denial of Service vulnerabilities have been found in
     libxslt.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201401-34.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201401-34.xml
index bba64bbbcf..9c7660a1ef 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201401-34.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201401-34.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201401-34">
-  <title>BIND: Denial of Service</title>
+  <title>BIND: Denial of service</title>
   <synopsis>Multiple vulnerabilities have been found in BIND, possibly
     resulting in Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201402-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201402-11.xml
index 3b42a11ed9..32b8a63295 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201402-11.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201402-11.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201402-11">
-  <title>Links: Denial of Service</title>
+  <title>Links: Denial of service</title>
   <synopsis>An integer overflow in Links might allow remote attackers to cause
     a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201402-14.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201402-14.xml
index f1c8a0032b..ffb27ce0e4 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201402-14.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201402-14.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201402-14">
-  <title>International Components for Unicode: Denial of Service</title>
+  <title>International Components for Unicode: Denial of service</title>
   <synopsis>Two vulnerabilities in International Components for Unicode might
     allow remote attackers to cause a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201402-25.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201402-25.xml
index e4bd8e090e..927714d1a9 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201402-25.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201402-25.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201402-25">
-  <title>OpenSSL: Denial of Service</title>
+  <title>OpenSSL: Denial of service</title>
   <synopsis>A vulnerability in OpenSSL's handling of TLS handshakes could
     result in a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201403-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201403-03.xml
index 4d1dd97ce5..b951172bdd 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201403-03.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201403-03.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201403-03">
-  <title>file: Denial of Service</title>
+  <title>file: Denial of service</title>
   <synopsis>A vulnerability in file could result in Denial of Service.</synopsis>
   <product type="ebuild">file</product>
   <announced>2014-03-13</announced>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201403-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201403-04.xml
index 9c88b36634..fddfad7996 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201403-04.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201403-04.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201403-04">
-  <title>QtCore: Denial of Service</title>
+  <title>QtCore: Denial of service</title>
   <synopsis>A vulnerability in QXmlSimpleReader class can be used to cause a
     Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-02.xml
index feb538b9f1..ca980569f6 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-02.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-02.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201405-02">
-  <title>libSRTP: Denial of Service</title>
+  <title>libSRTP: Denial of service</title>
   <synopsis>A vulnerability in libSRTP can result in a Denial of Service
     condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-05.xml
index 4d4d968a9a..314dac6647 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-05.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-05.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201405-05">
-  <title>Asterisk: Denial of Service</title>
+  <title>Asterisk: Denial of service</title>
   <synopsis>Multiple buffer overflows in Asterisk might allow remote attackers
     to cause a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-14.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-14.xml
index 5983113bd5..cd8bcad2f5 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-14.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-14.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201405-14">
-  <title>Ruby OpenID: Denial of Service</title>
+  <title>Ruby OpenID: Denial of service</title>
   <synopsis>A vulnerability in Ruby OpenID may lead to Denial of Service.</synopsis>
   <product type="ebuild">ruby-openid</product>
   <announced>2014-05-17</announced>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-16.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-16.xml
index 229014a3a9..744a1d2bc4 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-16.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-16.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201405-16">
-  <title>Mono: Denial of Service</title>
+  <title>Mono: Denial of service</title>
   <synopsis>A hash collision vulnerability in Mono allows remote attackers to
     cause a Denial of Service condition. 
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-20.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-20.xml
index 8ed494ebb4..c889f9dfe1 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-20.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-20.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201405-20">
-  <title>JBIG-KIT: Denial of Service</title>
+  <title>JBIG-KIT: Denial of service</title>
   <synopsis>A stack-based buffer overflow in JBIG-KIT might allow remote
     attackers to cause a Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-21.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-21.xml
index 342671e410..f95cfa4e17 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-21.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-21.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201405-21">
-  <title>Charybdis, ShadowIRCd: Denial of Service</title>
+  <title>Charybdis, ShadowIRCd: Denial of service</title>
   <synopsis>A vulnerability has been found in Charybdis and ShadowIRCd,
     possibly resulting in remote Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-24.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-24.xml
index 069f8d1f85..412fdc38ca 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-24.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201405-24.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201405-24">
-  <title>Apache Portable Runtime, APR Utility Library: Denial of Service</title>
+  <title>Apache Portable Runtime, APR Utility Library: Denial of service</title>
   <synopsis>Memory consumption errors in Apache Portable Runtime and APR
     Utility Library could result in Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201406-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201406-04.xml
index 958e65c665..a99c235d5a 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201406-04.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201406-04.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201406-04">
-  <title>SystemTap: Denial of Service</title>
+  <title>SystemTap: Denial of service</title>
   <synopsis>A vulnerability in SystemTap could allow a local attacker to create
     a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201406-23.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201406-23.xml
index 8e64dae79b..e80c53dc8e 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201406-23.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201406-23.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201406-23">
-  <title>DenyHosts: Denial of Service</title>
+  <title>DenyHosts: Denial of service</title>
   <synopsis>A vulnerability in DenyHosts could allow a remote attacker to
     create a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201407-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201407-01.xml
index 10697913e8..4a84a78e22 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201407-01.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201407-01.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201407-01">
-  <title>OpenTTD: Denial of Service</title>
+  <title>OpenTTD: Denial of service</title>
   <synopsis>A vulnerability in OpenTTD could allow a remote attacker to cause a
     Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201407-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201407-04.xml
index 4b478172bf..92f3af8d01 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201407-04.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201407-04.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201407-04">
-  <title>GnuPG: Denial of Service</title>
+  <title>GnuPG: Denial of service</title>
   <synopsis>A vulnerability in GnuPG can lead to a Denial of Service condition.</synopsis>
   <product type="ebuild">GnuPG. </product>
   <announced>2014-07-16</announced>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201408-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201408-08.xml
index 1a9f4a94ad..a5e640f0f8 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201408-08.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201408-08.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201408-08">
-  <title>file: Denial of Service</title>
+  <title>file: Denial of service</title>
   <synopsis>A vulnerability in file could result in Denial of Service. </synopsis>
   <product type="ebuild">file</product>
   <announced>2014-08-26</announced>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201409-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201409-02.xml
index 54ad07f110..8fd46bf3ba 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201409-02.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201409-02.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201409-02">
-  <title>Net-SNMP: Denial of Service</title>
+  <title>Net-SNMP: Denial of service</title>
   <synopsis>Multiple vulnerabilities have been found in Net-SNMP which could
     allow remote attackers to cause Denial of Service. 
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201409-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201409-07.xml
index 6265fadea6..d67dc7b810 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201409-07.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201409-07.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201409-07">
-  <title>c-icap: Denial of Service</title>
+  <title>c-icap: Denial of service</title>
   <synopsis>A vulnerability in c-icap could result in Denial of Service. </synopsis>
   <product type="ebuild">c-icap,DoS</product>
   <announced>2014-09-19</announced>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201409-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201409-08.xml
index 6c07d082ac..8fa255a5fb 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201409-08.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201409-08.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201409-08">
-  <title>libxml2: Denial of Service</title>
+  <title>libxml2: Denial of service</title>
   <synopsis>A vulnerability in libxml2 allows a remote attacker to cause Denial
     of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201411-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201411-07.xml
index 90a31b3b88..626953bd8c 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201411-07.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201411-07.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201411-07">
-  <title>Openswan: Denial of Service</title>
+  <title>Openswan: Denial of service</title>
   <synopsis>A NULL pointer dereference in Openswan may allow remote attackers
     to cause Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-03.xml
index 26a12152e1..d433305172 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-03.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-03.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201412-03">
-  <title>Dovecot: Denial of Service</title>
+  <title>Dovecot: Denial of service</title>
   <synopsis>A vulnerability in Dovecot could allow a remote attacker to create
     a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-06.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-06.xml
index a01b6e448b..c993e4d348 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-06.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-06.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201412-06">
-  <title>libxml2: Denial of Service</title>
+  <title>libxml2: Denial of service</title>
   <synopsis>A vulnerability in libxml2 could result in Denial of Service.</synopsis>
   <product type="ebuild">libxml2</product>
   <announced>2014-12-10</announced>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-16.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-16.xml
index 9952692321..cb189790d7 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-16.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-16.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201412-16">
-  <title>CouchDB: Denial of Service</title>
+  <title>CouchDB: Denial of service</title>
   <synopsis>A vulnerability in CouchDB could result in Denial of Service.</synopsis>
   <product type="ebuild">couchdb</product>
   <announced>2014-12-13</announced>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-20.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-20.xml
index 88ee9b5c98..80222f8575 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-20.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-20.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201412-20">
-  <title>GNUstep Base library: Denial of Service</title>
+  <title>GNUstep Base library: Denial of service</title>
   <synopsis>A vulnerability in GNUstep Base library could lead to Denial of
     Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-25.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-25.xml
index 58d21454ae..59936b32dc 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-25.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-25.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201412-25">
-  <title>QtGui: Denial of Service</title>
+  <title>QtGui: Denial of service</title>
   <synopsis>A NULL pointer dereference in QtGui could lead to Denial of
     Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-27.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-27.xml
index 227cffd106..5fa51c8a81 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-27.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-27.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201412-27">
-  <title>Ruby: Denial of Service</title>
+  <title>Ruby: Denial of service</title>
   <synopsis>Multiple vulnerabilities have been found in Ruby, allowing
     context-dependent attackers to cause a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-31.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-31.xml
index afba269755..9cd7dee012 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-31.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-31.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201412-31">
-  <title>ZNC: Denial of Service</title>
+  <title>ZNC: Denial of service</title>
   <synopsis>Multiple vulnerabilities in ZNC could lead to Denial of Service.</synopsis>
   <product type="ebuild">znc</product>
   <announced>2014-12-19</announced>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-35.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-35.xml
index e260519fd0..18211d95da 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-35.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-35.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201412-35">
-  <title>RSYSLOG: Denial of Service</title>
+  <title>RSYSLOG: Denial of service</title>
   <synopsis>Multiple vulnerabilities have been found in RSYSLOG, allowing
     attackers to cause Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-36.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-36.xml
index 54314591da..b654cff79b 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-36.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-36.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201412-36">
-  <title>libvirt: Denial of Service</title>
+  <title>libvirt: Denial of service</title>
   <synopsis>Multiple vulnerabilities have been found in libvirt, worst of which
     allows context-dependent attackers to cause Denial of Service. 
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-41.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-41.xml
index 0e4423b9b5..d7c4486aeb 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-41.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-41.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201412-41">
-  <title>OpenVPN: Denial of Service</title>
+  <title>OpenVPN: Denial of service</title>
   <synopsis>A vulnerability in OpenVPN could lead to Denial of Service.</synopsis>
   <product type="ebuild">openvpn</product>
   <announced>2014-12-26</announced>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-42.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-42.xml
index b9ef0229df..d0c8d9c3f8 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-42.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-42.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201412-42">
-  <title>Xen: Denial of Service</title>
+  <title>Xen: Denial of service</title>
   <synopsis>Multiple vulnerabilities have been found in Xen, possibly resulting
     in Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-46.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-46.xml
index 973ec5a5ac..6dda6c616e 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-46.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-46.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201412-46">
-  <title>LittleCMS: Denial of Service</title>
+  <title>LittleCMS: Denial of service</title>
   <synopsis>Multiple buffer overflow flaws and a parser error in LittleCMS
     could cause Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-48.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-48.xml
index 62aec4732b..be51de898f 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-48.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201412-48.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201412-48">
-  <title>file: Denial of Service</title>
+  <title>file: Denial of service</title>
   <synopsis>A vulnerability in file could allow a context-dependent attack to
     create a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201502-14.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201502-14.xml
index 8abef79d55..6f94fb6973 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201502-14.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201502-14.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201502-14">
-  <title>grep: Denial of Service</title>
+  <title>grep: Denial of service</title>
   <synopsis>A vulnerability in grep could result in Denial of Service. </synopsis>
   <product type="ebuild">grep,dos</product>
   <announced>2015-02-25</announced>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201503-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201503-02.xml
index 8665dc717d..28f58b933d 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201503-02.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201503-02.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201503-02">
-  <title>D-Bus: Denial of Service</title>
+  <title>D-Bus: Denial of service</title>
   <synopsis>A vulnerability has been found in D-Bus, possibly resulting in
     local Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201503-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201503-08.xml
index 48633c2dac..d38e5342a1 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201503-08.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201503-08.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201503-08">
-  <title>file: Denial of Service</title>
+  <title>file: Denial of service</title>
   <synopsis>Vulnerabilities in file could allow a context-dependent attack to
     create a Denial of Service condition. 
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-02.xml
index 5ebfd72e89..6f71d87dd7 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-02.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-02.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201507-02">
-  <title>Tor: Denial of Service</title>
+  <title>Tor: Denial of service</title>
   <synopsis>Two vulnerabilities have been found in Tor, the worst of which can
     allow remote attackers to cause a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-03.xml
index 14eb3aa499..aa82322b4b 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-03.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-03.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201507-03">
-  <title>Exiv2: Denial of Service</title>
+  <title>Exiv2: Denial of service</title>
   <synopsis>A vulnerability in Exiv2 could lead to Denial of Service condition.</synopsis>
   <product type="ebuild">exiv2</product>
   <announced>2015-07-07</announced>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-08.xml
index 678c5f652b..9f3a3e7b3d 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-08.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-08.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201507-08">
-  <title>libxml2: Denial of Service</title>
+  <title>libxml2: Denial of service</title>
   <synopsis>A vulnerability in libxml2 allows a remote attacker to cause Denial
     of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-11.xml
index d6b1451186..805038e6bd 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-11.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-11.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201507-11">
-  <title>Perl: Denial of Service</title>
+  <title>Perl: Denial of service</title>
   <synopsis>A vulnerability in Perl allows a remote attacker to cause Denial of
     Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-12.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-12.xml
index 9f9381c92d..fbf1efc92d 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-12.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-12.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201507-12">
-  <title>libCapsiNetwork: Denial of Service</title>
+  <title>libCapsiNetwork: Denial of service</title>
   <synopsis>A buffer overflow in libcapsinetwork might allow remote attackers
     to cause a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-17.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-17.xml
index 917f618700..40006ead84 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-17.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201507-17.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201507-17">
-  <title>SNMP: Denial of Service</title>
+  <title>SNMP: Denial of service</title>
   <synopsis>A vulnerability in SNMP could lead to a Denial of Service
     condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201508-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201508-03.xml
index 918d648861..f6d9915d49 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201508-03.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201508-03.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201508-03">
-  <title>Icecast: Denial of Service</title>
+  <title>Icecast: Denial of service</title>
   <synopsis>A bug in the Icecast code handling source client URL authentication
     causes a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201509-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201509-05.xml
index 10f9698480..df4c340837 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201509-05.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201509-05.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201509-05">
-  <title>NetworkManager: Denial of Service</title>
+  <title>NetworkManager: Denial of service</title>
   <synopsis>Improper handling of Router Advertisements in NetworkManager could
     cause a Denial of Service condition in IPv6 network stacks.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201510-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201510-01.xml
index 52af9d49c6..902f3e3579 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201510-01.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201510-01.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201510-01">
-  <title>BIND: Denial of Service</title>
+  <title>BIND: Denial of service</title>
   <synopsis>A vulnerability in BIND could lead to a Denial of Service
     condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201512-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201512-01.xml
index b38f18f341..43c0c782d7 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201512-01.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201512-01.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201512-01">
-  <title>Dnsmasq: Denial of Service</title>
+  <title>Dnsmasq: Denial of service</title>
   <synopsis>A vulnerability in Dnsmasq can lead to a Denial of Service
     condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201605-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201605-03.xml
index addc04e39f..74310dab60 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201605-03.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201605-03.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201605-03">
-  <title>libfpx: Denial of Service</title>
+  <title>libfpx: Denial of service</title>
   <synopsis>A double free vulnerability has been discovered in libfpx that
     allows remote attackers to cause a Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201611-13.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201611-13.xml
index c4b6a2dd41..340f93f10c 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201611-13.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201611-13.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201611-13">
-  <title>MongoDB: Denial of Service</title>
+  <title>MongoDB: Denial of service</title>
   <synopsis>A vulnerability in MongoDB can lead to a Denial of Service
     condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201611-17.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201611-17.xml
index 0b744a3719..06918e18c1 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201611-17.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201611-17.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201611-17">
-  <title>RPCBind: Denial of Service</title>
+  <title>RPCBind: Denial of service</title>
   <synopsis>A buffer overflow in RPCBind might allow remote attackers to cause
     a Denial of Service.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201612-12.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201612-12.xml
index 7c87051e4a..bed3765284 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201612-12.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201612-12.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201612-12">
-  <title>Patch: Denial of Service</title>
+  <title>Patch: Denial of service</title>
   <synopsis>Patch is vulnerable to a locally generated Denial of Service
     condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201612-13.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201612-13.xml
index 2a94b8945d..bbd016eb7e 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201612-13.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201612-13.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201612-13">
-  <title>nghttp2: Denial of Service</title>
+  <title>nghttp2: Denial of service</title>
   <synopsis>Nghttp2 is vulnerable to a Denial of Service attack.</synopsis>
   <product type="ebuild">nghttp2</product>
   <announced>2016-12-05</announced>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-05.xml
index 86c9150d5b..7dc6c70320 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-05.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-05.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201701-05">
-  <title>BusyBox: Denial of Service</title>
+  <title>BusyBox: Denial of service</title>
   <synopsis>A vulnerability in BusyBox might allow remote attackers to cause a
     Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-26.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-26.xml
index 8004eafa66..7a8fc557c1 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-26.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201701-26.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201701-26">
-  <title>BIND: Denial of Service</title>
+  <title>BIND: Denial of service</title>
   <synopsis>A vulnerability in BIND might allow remote attackers to cause a
     Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201703-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201703-05.xml
index e1637abc9d..6b0df1ab9a 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201703-05.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201703-05.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201703-05">
-  <title>GNU Libtasn1: Denial of Service</title>
+  <title>GNU Libtasn1: Denial of service</title>
   <synopsis>A vulnerability in Libtasn1 allows remote attackers to cause a
     Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201706-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201706-11.xml
index 48a4c273b8..e520317c30 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201706-11.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201706-11.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201706-11">
-  <title>PCRE library: Denial of Service</title>
+  <title>PCRE library: Denial of service</title>
   <synopsis>A vulnerability in PCRE library allows remote attackers to cause a
     Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201708-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201708-08.xml
index 1ca006521c..9e374ef565 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201708-08.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201708-08.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201708-08">
-  <title>bzip2: Denial of Service</title>
+  <title>bzip2: Denial of service</title>
   <synopsis>An use-after-free vulnerability has been found in bzip2 that could
     allow remote attackers to cause a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-15.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-15.xml
index 3955bb67f1..34aff01db1 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-15.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201710-15.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201710-15">
-  <title>GnuTLS: Denial of Service</title>
+  <title>GnuTLS: Denial of service</title>
   <synopsis>A null pointer dereference in GnuTLS might allow attackers to cause
     a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201811-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201811-03.xml
index cbf256a1d5..9da1809294 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201811-03.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201811-03.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201811-03">
-  <title>OpenSSL: Denial of Service</title>
+  <title>OpenSSL: Denial of service</title>
   <synopsis>A vulnerability in OpenSSL might allow remote attackers to cause a
     Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201811-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201811-07.xml
index a8cd2f6305..4980d7d7f9 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201811-07.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201811-07.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201811-07">
-  <title>Pango: Denial of Service</title>
+  <title>Pango: Denial of service</title>
   <synopsis>A vulnerability in Pango could result in a Denial of Service
     condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201903-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201903-05.xml
index 106046f3f7..6c9b929148 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201903-05.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201903-05.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201903-05">
-  <title>Tar: Denial of Service</title>
+  <title>Tar: Denial of service</title>
   <synopsis>A vulnerability in Tar could led to a Denial of Service condition.</synopsis>
   <product type="ebuild">tar</product>
   <announced>2019-03-10</announced>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201904-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201904-01.xml
index 413cf96f36..9ad5f7e37d 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201904-01.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201904-01.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201904-01">
-  <title>Cairo: Denial of Service</title>
+  <title>Cairo: Denial of service</title>
   <synopsis>Multiple vulnerabilities were found in Cairo, the worst of which
     could cause a Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201904-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201904-08.xml
index 9a634deb75..8f0c6a0299 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201904-08.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201904-08.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201904-08">
-  <title>Subversion: Denial of Service</title>
+  <title>Subversion: Denial of service</title>
   <synopsis>A vulnerability in Subversion could lead to a Denial of Service
     condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201904-15.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201904-15.xml
index 5c645f5aec..d0357f915f 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201904-15.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201904-15.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201904-15">
-  <title>libTIFF: Denial of Service</title>
+  <title>libTIFF: Denial of service</title>
   <synopsis>A vulnerability in libTIFF could lead to a Denial of Service
     condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201908-25.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201908-25.xml
index 7f2c146a92..700154a260 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201908-25.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201908-25.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201908-25">
-  <title>hostapd and wpa_supplicant: Denial of Service</title>
+  <title>hostapd and wpa_supplicant: Denial of service</title>
   <synopsis>A vulnerability in hostapd and wpa_supplicant could lead to a
     Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202003-43.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202003-43.xml
index 12f723cb96..d07350f365 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202003-43.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202003-43.xml
@@ -7,16 +7,17 @@
   </synopsis>
   <product type="ebuild">tomcat</product>
   <announced>2020-03-19</announced>
-  <revised count="2">2020-03-20</revised>
+  <revised count="3">2020-06-26</revised>
   <bug>692402</bug>
   <bug>706208</bug>
   <bug>710656</bug>
   <access>remote</access>
   <affected>
     <package name="www-servers/tomcat" auto="yes" arch="*">
-      <unaffected range="rge">8.5.51</unaffected>
-      <unaffected range="rge">7.0.100</unaffected>
-      <vulnerable range="lt">8.5.51</vulnerable>
+      <unaffected range="ge" slot="8.5">8.5.51</unaffected>
+      <unaffected range="ge" slot="7">7.0.100</unaffected>
+      <vulnerable range="lt" slot="8.5">8.5.51</vulnerable>
+      <vulnerable range="lt" slot="7">7.0.100</vulnerable>
     </package>
   </affected>
   <background>
@@ -58,5 +59,5 @@
     <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-1938">CVE-2020-1938</uri>
   </references>
   <metadata tag="requester" timestamp="2020-03-19T17:09:01Z">whissi</metadata>
-  <metadata tag="submitter" timestamp="2020-03-20T21:02:49Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-06-26T19:38:55Z">whissi</metadata>
 </glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202004-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202004-08.xml
index 2bccb96214..fcb9f3e073 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202004-08.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202004-08.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="202004-08">
-  <title>libssh: Denial of Service</title>
+  <title>libssh: Denial of service</title>
   <synopsis>A vulnerability in libssh could allow a remote attacker to cause a
     Denial of Service condition.
   </synopsis>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202005-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202005-09.xml
index 332036b907..7b7322c0b6 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202005-09.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202005-09.xml
@@ -1,22 +1,23 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="202005-09">
-  <title>Python: Denial of Service</title>
+  <title>Python: Denial of service</title>
   <synopsis>A vulnerability in Python could lead to a Denial of Service
     condition.
   </synopsis>
   <product type="ebuild">python</product>
   <announced>2020-05-14</announced>
-  <revised count="1">2020-05-14</revised>
+  <revised count="2">2020-10-18</revised>
   <bug>707822</bug>
+  <bug>741502</bug>
   <access>remote</access>
   <affected>
     <package name="dev-lang/python" auto="yes" arch="*">
-      <unaffected range="ge" slot="2.7">2.7.18</unaffected>
+      <unaffected range="ge" slot="2.7">2.7.18-r2</unaffected>
       <unaffected range="ge" slot="3.6">3.6.10-r2</unaffected>
       <unaffected range="ge" slot="3.7">3.7.7-r2</unaffected>
       <unaffected range="ge" slot="3.8">3.8.2-r2</unaffected>
-      <vulnerable range="lt" slot="2.7">2.7.18</vulnerable>
+      <vulnerable range="lt" slot="2.7">2.7.18-r2</vulnerable>
       <vulnerable range="lt" slot="3.6">3.6.10-r2</vulnerable>
       <vulnerable range="lt" slot="3.7">3.7.7-r2</vulnerable>
       <vulnerable range="lt" slot="3.8">3.8.2-r2</vulnerable>
@@ -44,7 +45,7 @@
     
     <code>
       # emerge --sync
-      # emerge --ask --oneshot --verbose "&gt;=dev-lang/python-2.7.18:2.7"
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/python-2.7.18-r2:2.7"
     </code>
     
     <p>All Python 3.6 users should upgrade to the latest version:</p>
@@ -73,5 +74,5 @@
     <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8492">CVE-2020-8492</uri>
   </references>
   <metadata tag="requester" timestamp="2020-05-07T23:04:03Z">sam_c</metadata>
-  <metadata tag="submitter" timestamp="2020-05-14T22:18:15Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-10-18T00:59:06Z">sam_c</metadata>
 </glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-01.xml
new file mode 100644
index 0000000000..e8768cba05
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-01.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-01">
+  <title>GnuTLS: Information disclosure</title>
+  <synopsis>An information disclosure vulnerability in GnuTLS allow remote
+    attackers to obtain sensitive information.
+  </synopsis>
+  <product type="ebuild">gnutls</product>
+  <announced>2020-06-09</announced>
+  <revised count="1">2020-06-09</revised>
+  <bug>727108</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-libs/gnutls" auto="yes" arch="*">
+      <unaffected range="ge">3.6.14</unaffected>
+      <vulnerable range="lt">3.6.14</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>GnuTLS is an Open Source implementation of the TLS and SSL protocols.</p>
+  </background>
+  <description>
+    <p>A flaw was reported in the TLS session ticket key construction in
+      GnuTLS.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could recover previous conversations in TLS 1.2 and
+      obtain sensitive information or conduct a man-in-the-middle attack to
+      bypass authentication in TLS 1.3.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All GnuTLS user should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-libs/gnutls-3.6.14"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13777">CVE-2020-13777</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-05T15:47:41Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-06-09T14:41:33Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-02.xml
new file mode 100644
index 0000000000..663d9d9029
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-02.xml
@@ -0,0 +1,96 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-02">
+  <title>Chromium, Google Chrome: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Chromium and Google
+    Chrome, the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">chromium,google-chrome</product>
+  <announced>2020-06-10</announced>
+  <revised count="3">2020-06-13</revised>
+  <bug>724008</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-client/chromium" auto="yes" arch="*">
+      <unaffected range="ge">83.0.4103.97</unaffected>
+      <vulnerable range="lt">83.0.4103.97</vulnerable>
+    </package>
+    <package name="www-client/google-chrome" auto="yes" arch="*">
+      <unaffected range="ge">83.0.4103.97</unaffected>
+      <vulnerable range="lt">83.0.4103.97</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Chromium is an open-source browser project that aims to build a safer,
+      faster, and more stable way for all users to experience the web.
+    </p>
+    
+    <p>Google Chrome is one fast, simple, and secure browser for all your
+      devices.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Chromium and Google
+      Chrome. Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All chromium users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/chromium-83.0.4103.97"
+    </code>
+    
+    <p>All google-chrome users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/google-chrome-83.0.4103.97"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6465">CVE-2020-6465</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6466">CVE-2020-6466</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6467">CVE-2020-6467</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6468">CVE-2020-6468</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6469">CVE-2020-6469</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6470">CVE-2020-6470</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6471">CVE-2020-6471</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6472">CVE-2020-6472</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6473">CVE-2020-6473</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6474">CVE-2020-6474</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6475">CVE-2020-6475</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6476">CVE-2020-6476</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6477">CVE-2020-6477</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6478">CVE-2020-6478</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6479">CVE-2020-6479</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6480">CVE-2020-6480</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6481">CVE-2020-6481</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6482">CVE-2020-6482</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6483">CVE-2020-6483</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6484">CVE-2020-6484</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6485">CVE-2020-6485</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6486">CVE-2020-6486</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6487">CVE-2020-6487</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6488">CVE-2020-6488</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6489">CVE-2020-6489</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6490">CVE-2020-6490</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6491">CVE-2020-6491</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6493">CVE-2020-6493</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6494">CVE-2020-6494</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6495">CVE-2020-6495</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6496">CVE-2020-6496</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-04T09:55:12Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-06-13T00:59:41Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-03.xml
new file mode 100644
index 0000000000..06c72762cc
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-03.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-03">
+  <title>Perl: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Perl, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">perl</product>
+  <announced>2020-06-12</announced>
+  <revised count="1">2020-06-12</revised>
+  <bug>723792</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-lang/perl" auto="yes" arch="*">
+      <unaffected range="ge">5.30.3</unaffected>
+      <vulnerable range="lt">5.30.3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Perl is a highly capable, feature-rich programming language.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Perl. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Perl users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/perl-5.30.3"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-10543">CVE-2020-10543</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-10878">CVE-2020-10878</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12723">CVE-2020-12723</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-09T02:23:58Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-06-12T04:18:23Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-04.xml
new file mode 100644
index 0000000000..39cb805aee
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-04.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-04">
+  <title>glibc: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in glibc, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">glibc</product>
+  <announced>2020-06-13</announced>
+  <revised count="1">2020-06-13</revised>
+  <bug>677272</bug>
+  <bug>679044</bug>
+  <bug>711558</bug>
+  <bug>717938</bug>
+  <bug>719472</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="sys-libs/glibc" auto="yes" arch="*">
+      <unaffected range="ge">2.30-r8</unaffected>
+      <vulnerable range="lt">2.30-r8</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>glibc is a package that contains the GNU C library.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in glibc. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All glibc users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-libs/glibc-2.30-r8"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-6488">CVE-2019-6488</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-7309">CVE-2019-7309</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-9169">CVE-2019-9169</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-10029">CVE-2020-10029</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-1751">CVE-2020-1751</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-05-22T01:05:58Z">BlueKnight</metadata>
+  <metadata tag="submitter" timestamp="2020-06-13T01:03:27Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-05.xml
new file mode 100644
index 0000000000..8e2d321a30
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-05.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-05">
+  <title>Nokogiri: Command injection</title>
+  <synopsis>Nokogiri has a vulnerability allowing arbitrary execution of code
+    if a certain function is used.
+  </synopsis>
+  <product type="ebuild">Nokogiri</product>
+  <announced>2020-06-13</announced>
+  <revised count="1">2020-06-13</revised>
+  <bug>691974</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-ruby/nokogiri" auto="yes" arch="*">
+      <unaffected range="ge">1.10.4</unaffected>
+      <vulnerable range="lt">1.10.4</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Nokogiri is an HTML, XML, SAX, and Reader parser.</p>
+  </background>
+  <description>
+    <p>A command injection vulnerability in Nokogiri allows commands to be
+      executed in a subprocess by Ruby’s Kernel.open method. Processes are
+      vulnerable only if the undocumented method
+      Nokogiri::CSS::Tokenizer#load_file is being passed untrusted user input.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could possibly execute arbitrary code with the
+      privileges of the process.
+    </p>
+  </impact>
+  <workaround>
+    <p>Avoid calling the undocumented method Nokogiri::CSS::Tokenizer#load_file
+      with untrusted user input.
+    </p>
+  </workaround>
+  <resolution>
+    <p>All Nokogiri users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-ruby/nokogiri-1.10.4"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-5477">CVE-2019-5477</uri>
+    <uri link="https://github.com/sparklemotion/nokogiri/issues/1915">Upstream
+      bug
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-05-22T01:52:12Z">BlueKnight</metadata>
+  <metadata tag="submitter" timestamp="2020-06-13T01:06:32Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-06.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-06.xml
new file mode 100644
index 0000000000..132e827b53
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-06.xml
@@ -0,0 +1,56 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-06">
+  <title>ssvnc: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in ssvnc, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">ssvnc</product>
+  <announced>2020-06-13</announced>
+  <revised count="1">2020-06-13</revised>
+  <bug>701820</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-misc/ssvnc" auto="yes" arch="*">
+      <vulnerable range="le">1.0.29-r2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The Enhanced TightVNC Viewer, SSVNC, adds encryption security to VNC
+      connections.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in ssvnc. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>Gentoo has discontinued support for ssvnc. We recommend that users
+      unmerge ssvnc:
+    </p>
+    
+    <code>
+      # emerge --unmerge "net-misc/ssvnc"
+    </code>
+    
+    <p>NOTE: The Gentoo developer(s) maintaining ssvnc have discontinued
+      support at this time. It may be possible that a new Gentoo developer will
+      update ssvnc at a later date. An alternative may be a manual SSH tunnel.
+    </p>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20020">CVE-2018-20020</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20021">CVE-2018-20021</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20022">CVE-2018-20022</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20024">CVE-2018-20024</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-05-24T17:26:39Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-06-13T01:09:16Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-07.xml
new file mode 100644
index 0000000000..9d5ea5d256
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-07.xml
@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-07">
+  <title>Mozilla Firefox: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Mozilla Firefox, the
+    worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">firefox</product>
+  <announced>2020-06-13</announced>
+  <revised count="2">2020-06-13</revised>
+  <bug>726844</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-client/firefox" auto="yes" arch="*">
+      <unaffected range="ge">68.9.0</unaffected>
+      <vulnerable range="lt">68.9.0</vulnerable>
+    </package>
+    <package name="www-client/firefox-bin" auto="yes" arch="*">
+      <unaffected range="ge">68.9.0</unaffected>
+      <vulnerable range="lt">68.9.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mozilla Firefox is a popular open-source web browser from the Mozilla
+      Project.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Mozilla Firefox. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mozilla Firefox users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-68.9.0"
+    </code>
+    
+    <p>All Mozilla Firefox binary users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-bin-68.9.0"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12405">CVE-2020-12405</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12406">CVE-2020-12406</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12407">CVE-2020-12407</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12408">CVE-2020-12408</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12409">CVE-2020-12409</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12410">CVE-2020-12410</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12411">CVE-2020-12411</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-04T09:53:31Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-06-13T01:14:36Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-08.xml
new file mode 100644
index 0000000000..e6a391fc9c
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-08.xml
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-08">
+  <title>WebKitGTK+: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in WebKitGTK+, the worst
+    of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">webkitgtk+</product>
+  <announced>2020-06-13</announced>
+  <revised count="1">2020-06-13</revised>
+  <bug>712260</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-libs/webkit-gtk" auto="yes" arch="*">
+      <unaffected range="ge">2.28.2</unaffected>
+      <vulnerable range="lt">2.28.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>WebKitGTK+ is a full-featured port of the WebKit rendering engine,
+      suitable for projects requiring any kind of web integration, from hybrid
+      HTML/CSS applications to full-fledged web browsers.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in WebKitGTK+. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All WebKitGTK+ users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-libs/webkit-gtk-2.28.2"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-10018">CVE-2020-10018</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-10018">CVE-2020-10018</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11793">CVE-2020-11793</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11793">CVE-2020-11793</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-3885">CVE-2020-3885</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-3894">CVE-2020-3894</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-3895">CVE-2020-3895</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-3897">CVE-2020-3897</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-3899">CVE-2020-3899</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-3900">CVE-2020-3900</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-3901">CVE-2020-3901</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-3902">CVE-2020-3902</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-05-14T21:48:07Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-06-13T01:41:16Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-09.xml
new file mode 100644
index 0000000000..8943a42220
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-09.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-09">
+  <title>Adobe Flash Player: Arbitrary code execution</title>
+  <synopsis>A flaw in Adobe Flash Player may allow local or remote attacker(s)
+    to execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">adobe-flash</product>
+  <announced>2020-06-13</announced>
+  <revised count="1">2020-06-13</revised>
+  <bug>727812</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-plugins/adobe-flash" auto="yes" arch="*">
+      <unaffected range="ge">32.0.0.387</unaffected>
+      <vulnerable range="lt">32.0.0.387</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The Adobe Flash Player is a renderer for the SWF file format, which is
+      commonly used to provide interactive websites.
+    </p>
+  </background>
+  <description>
+    <p>An unspecified flaw has been discovered in Adobe Flash Player.</p>
+  </description>
+  <impact type="normal">
+    <p>This flaw can be exploited by attackers for remote code execution.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Adobe Flash Player users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-plugins/adobe-flash-32.0.0.387"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9633">CVE-2020-9633</uri>
+    <uri link="https://helpx.adobe.com/security/products/flash-player/apsb20-30.html">
+      Upstream advisory (APSB20-30)
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-11T00:59:03Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-06-13T01:44:33Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-10.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-10.xml
new file mode 100644
index 0000000000..0291e53cf3
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-10.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-10">
+  <title>GNU Readline: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in GNU Readline, the worst
+    of which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">readline</product>
+  <announced>2020-06-13</announced>
+  <revised count="1">2020-06-13</revised>
+  <bug>717924</bug>
+  <access>local</access>
+  <affected>
+    <package name="sys-libs/readline" auto="yes" arch="*">
+      <unaffected range="ge">8.0</unaffected>
+      <vulnerable range="lt">8.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The GNU Readline library provides a set of functions for use by
+      applications that allow users to edit command lines as they are typed in.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in GNU Readline. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All GNU Readline users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-libs/readline-8.0"
+    </code>
+    
+  </resolution>
+  <references>
+  </references>
+  <metadata tag="requester" timestamp="2020-05-21T23:21:08Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-06-13T01:47:15Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-11.xml
new file mode 100644
index 0000000000..39a9974e3f
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-11.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-11">
+  <title>Ansible: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Ansible, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">ansible</product>
+  <announced>2020-06-13</announced>
+  <revised count="1">2020-06-13</revised>
+  <bug>711974</bug>
+  <access>remote</access>
+  <affected>
+    <package name="app-admin/ansible" auto="yes" arch="*">
+      <unaffected range="ge">2.9.7</unaffected>
+      <vulnerable range="lt">2.9.7</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Ansible is a radically simple IT automation platform.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Ansible. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Ansible users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-admin/ansible-2.9.7"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-10684">CVE-2020-10684</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-10685">CVE-2020-10685</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-1733">CVE-2020-1733</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-1735">CVE-2020-1735</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-1736">CVE-2020-1736</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-1737">CVE-2020-1737</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-1738">CVE-2020-1738</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-1740">CVE-2020-1740</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-1753">CVE-2020-1753</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-05-15T14:41:54Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-06-13T01:49:30Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-12.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-12.xml
new file mode 100644
index 0000000000..d55a1902c2
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-12.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-12">
+  <title>GNU Mailutils: Privilege escalation</title>
+  <synopsis>A vulnerability has been found in GNU Mailutils allowing privilege
+    escalation.
+  </synopsis>
+  <product type="ebuild">mailutils</product>
+  <announced>2020-06-13</announced>
+  <revised count="1">2020-06-13</revised>
+  <bug>700806</bug>
+  <access>local</access>
+  <affected>
+    <package name="net-mail/mailutils" auto="yes" arch="*">
+      <unaffected range="ge">3.8</unaffected>
+      <vulnerable range="lt">3.8</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The GNU Mailutils are a collection of mail-related utilities, including
+      an IMAP4 server (imap4d).
+    </p>
+  </background>
+  <description>
+    <p>GNU Mailutils runs maidag by default with setuid root permissions.</p>
+  </description>
+  <impact type="high">
+    <p>An attacker can use this to write to arbitrary files as root.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All GNU Mailutils users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-mail/mailutils-3.8"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-18862">CVE-2019-18862</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-05-12T21:52:25Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-06-13T01:51:38Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-13.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-13.xml
new file mode 100644
index 0000000000..42eeba52e2
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-13.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-13">
+  <title>json-c: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in json-c, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">json-c</product>
+  <announced>2020-06-15</announced>
+  <revised count="1">2020-06-15</revised>
+  <bug>722150</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-libs/json-c" auto="yes" arch="*">
+      <unaffected range="ge">0.14-r3</unaffected>
+      <vulnerable range="lt">0.14-r3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>json-c is a JSON implementation in C.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in json-c. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote/local attacker could send a specially crafted file possibly
+      resulting in a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All json-c users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-libs/json-c-0.14-r3"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12762">CVE-2020-12762</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-05-20T15:54:46Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-06-15T15:44:00Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-14.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-14.xml
new file mode 100644
index 0000000000..46fb4e1145
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-14.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-14">
+  <title>PEAR Archive_Tar: Remote code execution vulnerability</title>
+  <synopsis>A buffer overflow in the PEAR module Archive_Tar might allow local
+    or remote attacker(s) to execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">archive_tar</product>
+  <announced>2020-06-15</announced>
+  <revised count="1">2020-06-15</revised>
+  <bug>675576</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-php/PEAR-Archive_Tar" auto="yes" arch="*">
+      <unaffected range="ge">1.4.5</unaffected>
+      <vulnerable range="lt">1.4.5</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>This class provides handling of tar files in PHP.</p>
+  </background>
+  <description>
+    <p>An issue was discovered in the PEAR module Archive_Tar’s handling of
+      file paths within Tar achives.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A local or remote attacker could possibly execute arbitrary code with
+      the privileges of the process.
+    </p>
+  </impact>
+  <workaround>
+    <p>Avoid handling untrusted Tar files with this package until you have
+      upgraded to a non-vulnerable version.
+    </p>
+  </workaround>
+  <resolution>
+    <p>All PEAR-Archive_Tar users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-php/PEAR-Archive_Tar-1.4.5"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-1000888">
+      CVE-2018-1000888
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-05-22T00:11:26Z">BlueKnight</metadata>
+  <metadata tag="submitter" timestamp="2020-06-15T15:46:02Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-15.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-15.xml
new file mode 100644
index 0000000000..9fbb52de8e
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-15.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-15">
+  <title>OpenConnect: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in OpenConnect, the worst
+    of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">openconnect</product>
+  <announced>2020-06-15</announced>
+  <revised count="1">2020-06-15</revised>
+  <bug>719108</bug>
+  <bug>722740</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-vpn/openconnect" auto="yes" arch="*">
+      <unaffected range="ge">8.09-r1</unaffected>
+      <vulnerable range="lt">8.09-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>OpenConnect is a free client for Cisco AnyConnect SSL VPN software.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in OpenConnect. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All OpenConnect users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-vpn/openconnect-8.09-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12105">CVE-2020-12105</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12823">CVE-2020-12823</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-05-23T13:25:13Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-06-15T15:47:01Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-16.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-16.xml
new file mode 100644
index 0000000000..a652c18c28
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-16.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-16">
+  <title>PCRE2: Denial of service</title>
+  <synopsis>A vulnerability in PCRE2 could lead to a Denial of Service
+    condition.
+  </synopsis>
+  <product type="ebuild">pcre2</product>
+  <announced>2020-06-15</announced>
+  <revised count="1">2020-06-15</revised>
+  <bug>717800</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="net-libs/pcre2" auto="yes" arch="*">
+      <unaffected range="ge">10.34</unaffected>
+      <vulnerable range="lt">10.34</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>PCRE2 is a project based on PCRE (Perl Compatible Regular Expressions)
+      which has a new and revised API.
+    </p>
+  </background>
+  <description>
+    <p>PCRE2 has a flaw when handling JIT-compiled regex using the \X pattern.</p>
+  </description>
+  <impact type="normal">
+    <p>An attacker could cause a possible Denial of Service condition.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All PCRE2 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-libs/pcre2-10.34"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-20454">CVE-2019-20454</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-05-12T14:41:37Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-06-15T15:48:59Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-17.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-17.xml
new file mode 100644
index 0000000000..95c9c6dd1a
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-17.xml
@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-17">
+  <title>FAAD2: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in FAAD2, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">faad2</product>
+  <announced>2020-06-15</announced>
+  <revised count="1">2020-06-15</revised>
+  <bug>695540</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="media-libs/faad2" auto="yes" arch="*">
+      <unaffected range="ge">2.9.0</unaffected>
+      <vulnerable range="lt">2.9.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>FAAD2 is an open source MPEG-4 and MPEG-2 AAC decoder.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in FAAD2. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All FAAD2 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-libs/faad2-2.9.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-19502">CVE-2018-19502</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-19503">CVE-2018-19503</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-19504">CVE-2018-19504</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20194">CVE-2018-20194</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20195">CVE-2018-20195</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20196">CVE-2018-20196</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20197">CVE-2018-20197</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20198">CVE-2018-20198</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20199">CVE-2018-20199</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20357">CVE-2018-20357</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20358">CVE-2018-20358</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20359">CVE-2018-20359</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20360">CVE-2018-20360</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20361">CVE-2018-20361</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20362">CVE-2018-20362</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-15296">CVE-2019-15296</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-6956">CVE-2019-6956</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-05-22T01:42:00Z">BlueKnight</metadata>
+  <metadata tag="submitter" timestamp="2020-06-15T15:50:03Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-18.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-18.xml
new file mode 100644
index 0000000000..ad77d145a2
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-18.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-18">
+  <title>Bubblewrap: Arbitrary code execution</title>
+  <synopsis>Bubblewrap misuses temporary directories allowing local code
+    execution.
+  </synopsis>
+  <product type="ebuild">bubblerwrap</product>
+  <announced>2020-06-15</announced>
+  <revised count="1">2020-06-15</revised>
+  <bug>686114</bug>
+  <access>local</access>
+  <affected>
+    <package name="sys-apps/bubblewrap" auto="yes" arch="*">
+      <unaffected range="ge">0.4.1</unaffected>
+      <vulnerable range="lt">0.4.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Bubblewrap is an unprivileged sandboxing tool namespaces-powered
+      chroot-like solution.
+    </p>
+  </background>
+  <description>
+    <p>Bubblewrap misuses temporary directories in /tmp as a mount point.</p>
+  </description>
+  <impact type="normal">
+    <p>This flaw may allow possible execution of code or prevention of running
+      Bubblewrap.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Bubblewrap users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-apps/bubblewrap-0.4.1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-12439">CVE-2019-12439</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-05-25T21:13:31Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-06-15T15:51:19Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-19.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-19.xml
new file mode 100644
index 0000000000..4f2140b8c1
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-19.xml
@@ -0,0 +1,68 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-19">
+  <title>Mozilla Thunderbird: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Mozilla Thunderbird,
+    the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">thunderbird</product>
+  <announced>2020-06-15</announced>
+  <revised count="1">2020-06-15</revised>
+  <bug>727118</bug>
+  <access>remote</access>
+  <affected>
+    <package name="mail-client/thunderbird" auto="yes" arch="*">
+      <unaffected range="ge">68.9.0</unaffected>
+      <vulnerable range="lt">68.9.0</vulnerable>
+    </package>
+    <package name="mail-client/thunderbird-bin" auto="yes" arch="*">
+      <unaffected range="ge">68.9.0</unaffected>
+      <vulnerable range="lt">68.9.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mozilla Thunderbird is a popular open-source email client from the
+      Mozilla project.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Mozilla Thunderbird.
+      Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mozilla Thunderbird users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/thunderbird-68.9.0"
+    </code>
+    
+    <p>All Mozilla Thunderbird binary users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=mail-client/thunderbird-bin-68.9.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12398">CVE-2020-12398</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12405">CVE-2020-12405</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12406">CVE-2020-12406</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12410">CVE-2020-12410</uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2020-22/">
+      MFSA-2020-22
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-04T22:44:05Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-06-15T15:52:20Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-20.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-20.xml
new file mode 100644
index 0000000000..690bfee258
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-20.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-20">
+  <title>Asterisk: Root privilege escalation</title>
+  <synopsis>A vulnerability was discovered in Asterisk which may allow local
+    attackers to gain root privileges. 
+  </synopsis>
+  <product type="ebuild">asterisk</product>
+  <announced>2020-06-15</announced>
+  <revised count="1">2020-06-15</revised>
+  <bug>602722</bug>
+  <access>local</access>
+  <affected>
+    <package name="net-misc/asterisk" auto="yes" arch="*">
+      <unaffected range="ge">13.32.0-r1</unaffected>
+      <vulnerable range="lt">13.32.0-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>A Modular Open Source PBX System.</p>
+  </background>
+  <description>
+    <p>It was discovered that Gentoo’s Asterisk ebuild does not properly set
+      permissions on its data directories. This only affects OpenRC systems, as
+      the flaw was exploitable via the init script.
+    </p>
+  </description>
+  <impact type="high">
+    <p>A local attacker could escalate privileges.</p>
+  </impact>
+  <workaround>
+    <p>Users should ensure the proper permissions are set as discussed in the
+      referenced bugs. Do not run /etc/init.d/asterisk checkperms.
+    </p>
+  </workaround>
+  <resolution>
+    <p>All Asterisk users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-misc/asterisk-13.32.0-r1"
+    </code>
+    
+  </resolution>
+  <references>
+  </references>
+  <metadata tag="requester" timestamp="2020-05-15T11:13:35Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-06-15T15:53:36Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-21.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-21.xml
new file mode 100644
index 0000000000..ac2c137808
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-21.xml
@@ -0,0 +1,63 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-21">
+  <title>Apache Tomcat: Remote code execution</title>
+  <synopsis>A vulnerability has been discovered in Apache Tomcat which could
+    result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">tomcat</product>
+  <announced>2020-06-15</announced>
+  <revised count="1">2020-06-15</revised>
+  <bug>724344</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-servers/tomcat" auto="yes" arch="*">
+      <unaffected range="ge" slot="7">7.0.104</unaffected>
+      <unaffected range="ge" slot="8.5">8.5.55</unaffected>
+      <vulnerable range="lt" slot="7">7.0.104</vulnerable>
+      <vulnerable range="lt" slot="8.5">8.5.55</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Apache Tomcat is a Servlet-3.0/JSP-2.2 Container.</p>
+  </background>
+  <description>
+    <p>Apache Tomcat improperly handles deserialization of files under specific
+      circumstances.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could possibly execute arbitrary code with the
+      privileges of the process, or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Apache Tomcat 7.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-servers/tomcat-7.0.104"
+    </code>
+    
+    <p>All Apache Tomcat 8.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-servers/tomcat-8.5.55"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9484">CVE-2020-9484</uri>
+    <uri link="https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.104">
+      Upstream advisory (7)
+    </uri>
+    <uri link="https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.55">
+      Upstream advisory (8.5)
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-05-25T12:42:10Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-06-15T15:55:34Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-22.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-22.xml
new file mode 100644
index 0000000000..82046e4ece
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-22.xml
@@ -0,0 +1,96 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-22">
+  <title>OpenJDK, IcedTea: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in OpenJDK and IcedTea,
+    the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">icedtea</product>
+  <announced>2020-06-15</announced>
+  <revised count="1">2020-06-15</revised>
+  <bug>718720</bug>
+  <bug>720690</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-java/openjdk-bin" auto="yes" arch="*">
+      <unaffected range="ge">8.252_p09</unaffected>
+      <vulnerable range="lt">8.252_p09</vulnerable>
+    </package>
+    <package name="dev-java/openjdk-jre-bin" auto="yes" arch="*">
+      <unaffected range="ge">8.252_p09</unaffected>
+      <vulnerable range="lt">8.252_p09</vulnerable>
+    </package>
+    <package name="dev-java/icedtea-bin" auto="yes" arch="*">
+      <unaffected range="ge">3.16.0</unaffected>
+      <vulnerable range="lt">3.16.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>OpenJDK is a free and open-source implementation of the Java Platform,
+      Standard Edition.
+    </p>
+    
+    <p>IcedTea’s aim is to provide OpenJDK in a form suitable for easy
+      configuration, compilation and distribution with the primary goal of
+      allowing inclusion in GNU/Linux distributions.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in OpenJDK and IcedTea.
+      Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All OpenJDK binary users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-java/openjdk-bin-8.252_p09"
+    </code>
+    
+    <p>All OpenJDK JRE binary users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=dev-java/openjdk-jre-bin-8.252_p09"
+    </code>
+    
+    <p>All IcedTea binary users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-java/icedtea-bin-3.16.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2585">CVE-2020-2585</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2585">CVE-2020-2585</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2755">CVE-2020-2755</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2755">CVE-2020-2755</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2756">CVE-2020-2756</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2756">CVE-2020-2756</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2757">CVE-2020-2757</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2757">CVE-2020-2757</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2773">CVE-2020-2773</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2773">CVE-2020-2773</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2781">CVE-2020-2781</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2781">CVE-2020-2781</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2800">CVE-2020-2800</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2800">CVE-2020-2800</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2803">CVE-2020-2803</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2803">CVE-2020-2803</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2805">CVE-2020-2805</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2805">CVE-2020-2805</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2830">CVE-2020-2830</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2830">CVE-2020-2830</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-05-14T21:46:41Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-06-15T15:56:40Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-23.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-23.xml
new file mode 100644
index 0000000000..7fb7e375cb
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202006-23.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202006-23">
+  <title>Cyrus IMAP Server: Access restriction bypass</title>
+  <synopsis>An error in Cyrus IMAP Server allows mailboxes to be created with
+    administrative privileges.
+  </synopsis>
+  <product type="ebuild">cyrusimap</product>
+  <announced>2020-06-15</announced>
+  <revised count="1">2020-06-15</revised>
+  <bug>703630</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-mail/cyrus-imapd" auto="yes" arch="*">
+      <unaffected range="ge">3.0.13</unaffected>
+      <vulnerable range="lt">3.0.13</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The Cyrus IMAP Server is an efficient, highly-scalable IMAP e-mail
+      server.
+    </p>
+  </background>
+  <description>
+    <p>An issue was discovered in Cyrus IMAP Server where sieve script
+      uploading is excessively trusted.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A user can use a sieve script to create any mailbox with administrator
+      privileges.
+    </p>
+  </impact>
+  <workaround>
+    <p>Disable sieve script uploading until the upgrade is complete.</p>
+  </workaround>
+  <resolution>
+    <p>All Cyrus IMAP Server users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-mail/cyrus-imapd-3.0.13"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-19783">CVE-2019-19783</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-05-22T07:13:03Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-06-15T15:58:17Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-01.xml
new file mode 100644
index 0000000000..56c6b1c301
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-01.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-01">
+  <title>netqmail: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in netqmail, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">netqmail</product>
+  <announced>2020-07-26</announced>
+  <revised count="1">2020-07-26</revised>
+  <bug>721566</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="mail-mta/netqmail" auto="yes" arch="*">
+      <unaffected range="ge">1.06-r13</unaffected>
+      <vulnerable range="lt">1.06-r13</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>qmail is a secure, reliable, efficient, simple message transfer agent.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in netqmail. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>In the default configuration, these vulnerabilities are only local.
+      Please review the referenced CVE identifiers for details.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All netqmail users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-mta/netqmail-1.06-r13"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2005-1513">CVE-2005-1513</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2005-1514">CVE-2005-1514</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2005-1515">CVE-2005-1515</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-11T02:55:31Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-26T22:08:48Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-02.xml
new file mode 100644
index 0000000000..7cc7db21c7
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-02.xml
@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-02">
+  <title>Xen: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Xen, the worst of which
+    could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">xen</product>
+  <announced>2020-07-26</announced>
+  <revised count="1">2020-07-26</revised>
+  <bug>731658</bug>
+  <access>remote</access>
+  <affected>
+    <package name="app-emulation/xen" auto="yes" arch="*">
+      <unaffected range="ge">4.12.3-r2</unaffected>
+      <vulnerable range="lt">4.12.3-r2</vulnerable>
+    </package>
+    <package name="app-emulation/xen-tools" auto="yes" arch="*">
+      <unaffected range="ge">4.12.3-r2</unaffected>
+      <vulnerable range="lt">4.12.3-r2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Xen is a bare-metal hypervisor.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Xen. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Xen users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-emulation/xen-4.12.3-r2"
+    </code>
+    
+    <p>All Xen Tools users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=app-emulation/xen-tools-4.12.3-r2"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15563">CVE-2020-15563</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15564">CVE-2020-15564</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15565">CVE-2020-15565</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15566">CVE-2020-15566</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15567">CVE-2020-15567</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-17T21:12:47Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-26T22:28:47Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-03.xml
new file mode 100644
index 0000000000..93079b9e24
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-03.xml
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-03">
+  <title>Cacti: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Cacti, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">cacti</product>
+  <announced>2020-07-26</announced>
+  <revised count="1">2020-07-26</revised>
+  <bug>728678</bug>
+  <bug>732522</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-analyzer/cacti" auto="yes" arch="*">
+      <unaffected range="ge">1.2.13</unaffected>
+      <vulnerable range="lt">1.2.13</vulnerable>
+    </package>
+    <package name="net-analyzer/cacti-spine" auto="yes" arch="*">
+      <unaffected range="ge">1.2.13</unaffected>
+      <vulnerable range="lt">1.2.13</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Cacti is a complete frontend to rrdtool.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Cacti. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Cacti users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-analyzer/cacti-1.2.13"
+    </code>
+    
+    <p>All Cacti Spine users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-analyzer/cacti-spine-1.2.13"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11022">CVE-2020-11022</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11023">CVE-2020-11023</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14295">CVE-2020-14295</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-19T01:50:59Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-26T22:31:38Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-04.xml
new file mode 100644
index 0000000000..b04ea7893e
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-04.xml
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-04">
+  <title>fwupd, libjcat: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in fwupd and libjcat, the
+    worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">fwupd,libjfcat</product>
+  <announced>2020-07-26</announced>
+  <revised count="1">2020-07-26</revised>
+  <bug>727656</bug>
+  <access>remote</access>
+  <affected>
+    <package name="sys-apps/fwupd" auto="yes" arch="*">
+      <unaffected range="ge">1.3.10</unaffected>
+      <vulnerable range="lt">1.3.10</vulnerable>
+    </package>
+    <package name="dev-libs/libjcat" auto="yes" arch="*">
+      <unaffected range="ge">0.1.3</unaffected>
+      <vulnerable range="lt">0.1.3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>fwupd aims to make updating firmware on Linux automatic, safe and
+      reliable. libjcat is a library and tool for reading and writing Jcat
+      files.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in fwupd and libjcat.
+      Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All fwupd users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-apps/fwupd-1.3.10"
+    </code>
+    
+    <p>All libjcat users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-libs/libjcat-0.1.3"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-10759">CVE-2020-10759</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-29T00:15:07Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-26T22:34:10Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-05.xml
new file mode 100644
index 0000000000..75ae7ba35b
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-05.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-05">
+  <title>libexif: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in libexif, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">libexif</product>
+  <announced>2020-07-26</announced>
+  <revised count="1">2020-07-26</revised>
+  <bug>708728</bug>
+  <access>remote</access>
+  <affected>
+    <package name="media-libs/libexif" auto="yes" arch="*">
+      <unaffected range="ge">0.6.22</unaffected>
+      <vulnerable range="lt">0.6.22</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>libexif is a library for parsing, editing and saving Exif metadata from
+      images.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in libexif. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All libexif users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-libs/libexif-0.6.22"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2016-6328">CVE-2016-6328</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-9278">CVE-2019-9278</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-0093">CVE-2020-0093</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12767">CVE-2020-12767</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13112">CVE-2020-13112</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13113">CVE-2020-13113</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13114">CVE-2020-13114</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-16T01:09:55Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-26T22:40:47Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-06.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-06.xml
new file mode 100644
index 0000000000..e8f7cd438d
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-06.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-06">
+  <title>HylaFAX: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in HylaFAX, the worst of
+    which could result in privilege escalation.
+  </synopsis>
+  <product type="ebuild">hylafax</product>
+  <announced>2020-07-26</announced>
+  <revised count="1">2020-07-26</revised>
+  <bug>730290</bug>
+  <access>local</access>
+  <affected>
+    <package name="net-misc/hylafaxplus" auto="yes" arch="*">
+      <unaffected range="ge">7.0.2</unaffected>
+      <vulnerable range="lt">7.0.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>HylaFAX is an enterprise-class system for sending and receiving
+      facsimile messages and for sending alpha-numeric pages.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in HylaFAX. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All HylaFAX users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-misc/hylafaxplus-7.0.2"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15396">CVE-2020-15396</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15397">CVE-2020-15397</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-18T14:34:58Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-26T22:44:15Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-07.xml
new file mode 100644
index 0000000000..3093043f62
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-07.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-07">
+  <title>Transmission: Remote code execution</title>
+  <synopsis>A use-after-free possibly allowing remote execution of code was
+    discovered in Transmission.
+  </synopsis>
+  <product type="ebuild">transmission</product>
+  <announced>2020-07-26</announced>
+  <revised count="1">2020-07-26</revised>
+  <bug>723258</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-p2p/transmission" auto="yes" arch="*">
+      <unaffected range="ge">3.00</unaffected>
+      <vulnerable range="lt">3.00</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Transmission is a cross-platform BitTorrent client.</p>
+  </background>
+  <description>
+    <p>Transmission mishandles some memory management which may allow
+      manipulation of the heap.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted
+      torrent file using Transmission, possibly resulting in execution of
+      arbitrary code with the privileges of the process or a Denial of Service
+      condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Transmission users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-p2p/transmission-3.00"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-10756">CVE-2018-10756</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-20T02:12:52Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-26T23:30:38Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-08.xml
new file mode 100644
index 0000000000..a4f230e66b
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-08.xml
@@ -0,0 +1,96 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-08">
+  <title>Chromium, Google Chrome: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Chromium and Google
+    Chrome, the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">chromium,google-chrome</product>
+  <announced>2020-07-26</announced>
+  <revised count="1">2020-07-26</revised>
+  <bug>728418</bug>
+  <bug>729310</bug>
+  <bug>732588</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-client/chromium" auto="yes" arch="*">
+      <unaffected range="ge">84.0.4147.89</unaffected>
+      <vulnerable range="lt">84.0.4147.89</vulnerable>
+    </package>
+    <package name="www-client/google-chrome" auto="yes" arch="*">
+      <unaffected range="ge">84.0.4147.89</unaffected>
+      <vulnerable range="lt">84.0.4147.89</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Chromium is an open-source browser project that aims to build a safer,
+      faster, and more stable way for all users to experience the web.
+    </p>
+    
+    <p>Google Chrome is one fast, simple, and secure browser for all your
+      devices.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Chromium and Google
+      Chrome. Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Chromium users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/chromium-84.0.4147.89"
+    </code>
+    
+    <p>All Google Chrome users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/google-chrome-84.0.4147.89"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6505">CVE-2020-6505</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6506">CVE-2020-6506</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6507">CVE-2020-6507</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6509">CVE-2020-6509</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6510">CVE-2020-6510</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6511">CVE-2020-6511</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6512">CVE-2020-6512</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6513">CVE-2020-6513</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6514">CVE-2020-6514</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6515">CVE-2020-6515</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6516">CVE-2020-6516</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6517">CVE-2020-6517</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6518">CVE-2020-6518</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6519">CVE-2020-6519</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6520">CVE-2020-6520</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6521">CVE-2020-6521</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6522">CVE-2020-6522</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6523">CVE-2020-6523</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6524">CVE-2020-6524</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6525">CVE-2020-6525</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6526">CVE-2020-6526</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6527">CVE-2020-6527</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6528">CVE-2020-6528</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6529">CVE-2020-6529</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6530">CVE-2020-6530</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6531">CVE-2020-6531</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6533">CVE-2020-6533</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6534">CVE-2020-6534</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6535">CVE-2020-6535</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6536">CVE-2020-6536</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-18T02:31:59Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-26T23:33:44Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-09.xml
new file mode 100644
index 0000000000..eafd82da13
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-09.xml
@@ -0,0 +1,67 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-09">
+  <title>Mozilla Thunderbird: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Mozilla Thunderbird,
+    the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">thunderbird</product>
+  <announced>2020-07-26</announced>
+  <revised count="1">2020-07-26</revised>
+  <bug>730628</bug>
+  <access>remote</access>
+  <affected>
+    <package name="mail-client/thunderbird" auto="yes" arch="*">
+      <unaffected range="ge">68.10.0</unaffected>
+      <vulnerable range="lt">68.10.0</vulnerable>
+    </package>
+    <package name="mail-client/thunderbird-bin" auto="yes" arch="*">
+      <unaffected range="ge">68.10.0</unaffected>
+      <vulnerable range="lt">68.10.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mozilla Thunderbird is a popular open-source email client from the
+      Mozilla project.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Mozilla Thunderbird.
+      Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mozilla Thunderbird users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/thunderbird-68.10.0"
+    </code>
+    
+    <p>All Mozilla Thunderbird binary users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=mail-client/thunderbird-bin-68.10.0"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12417">CVE-2020-12417</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12418">CVE-2020-12418</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12419">CVE-2020-12419</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12420">CVE-2020-12420</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12421">CVE-2020-12421</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-16T04:28:14Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-26T23:36:14Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-10.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-10.xml
new file mode 100644
index 0000000000..ba5545fd96
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-10.xml
@@ -0,0 +1,71 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-10">
+  <title>Mozilla Firefox: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Mozilla Firefox, the
+    worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">firefox</product>
+  <announced>2020-07-26</announced>
+  <revised count="1">2020-07-26</revised>
+  <bug>730418</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-client/firefox" auto="yes" arch="*">
+      <unaffected range="ge">68.10.0</unaffected>
+      <vulnerable range="lt">68.10.0</vulnerable>
+    </package>
+    <package name="www-client/firefox-bin" auto="yes" arch="*">
+      <unaffected range="ge">68.10.0</unaffected>
+      <vulnerable range="lt">68.10.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mozilla Firefox is a popular open-source web browser from the Mozilla
+      Project.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Mozilla Firefox. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mozilla Firefox users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-68.10.0"
+    </code>
+    
+    <p>All Mozilla Firefox binary users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-bin-68.10.0"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12402">CVE-2020-12402</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12415">CVE-2020-12415</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12416">CVE-2020-12416</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12417">CVE-2020-12417</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12418">CVE-2020-12418</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12419">CVE-2020-12419</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12420">CVE-2020-12420</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12421">CVE-2020-12421</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12422">CVE-2020-12422</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12424">CVE-2020-12424</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12425">CVE-2020-12425</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12426">CVE-2020-12426</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-07T16:00:55Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-26T23:38:24Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-11.xml
new file mode 100644
index 0000000000..914221d859
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-11.xml
@@ -0,0 +1,56 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-11">
+  <title>WebKitGTK+: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in WebKitGTK+, the worst
+    of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">webkitgtk+</product>
+  <announced>2020-07-26</announced>
+  <revised count="1">2020-07-26</revised>
+  <bug>732104</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-libs/webkit-gtk" auto="yes" arch="*">
+      <unaffected range="ge">2.28.3</unaffected>
+      <vulnerable range="lt">2.28.3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>WebKitGTK+ is a full-featured port of the WebKit rendering engine,
+      suitable for projects requiring any kind of web integration, from hybrid
+      HTML/CSS applications to full-fledged web browsers.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in WebKitGTK+. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All WebKitGTK+ users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-libs/webkit-gtk-2.28.3"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13753">CVE-2020-13753</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9802">CVE-2020-9802</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9803">CVE-2020-9803</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9805">CVE-2020-9805</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9806">CVE-2020-9806</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9807">CVE-2020-9807</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9843">CVE-2020-9843</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9850">CVE-2020-9850</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-19T11:27:13Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-26T23:40:52Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-12.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-12.xml
new file mode 100644
index 0000000000..15f5cd20ec
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-12.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-12">
+  <title>NTP: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in NTP, the worst of which
+    could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">ntp</product>
+  <announced>2020-07-26</announced>
+  <revised count="1">2020-07-26</revised>
+  <bug>717798</bug>
+  <bug>729458</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-misc/ntp" auto="yes" arch="*">
+      <unaffected range="ge">4.2.8_p15</unaffected>
+      <vulnerable range="lt">4.2.8_p15</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>NTP contains software for the Network Time Protocol.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in NTP. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All NTP users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-misc/ntp-4.2.8_p15"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11868">CVE-2020-11868</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13817">CVE-2020-13817</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15025">CVE-2020-15025</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-20T02:14:32Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-26T23:43:52Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-13.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-13.xml
new file mode 100644
index 0000000000..5c0c85cff0
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-13.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-13">
+  <title>Wireshark: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Wireshark, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">wireshark</product>
+  <announced>2020-07-26</announced>
+  <revised count="1">2020-07-26</revised>
+  <bug>711012</bug>
+  <bug>716756</bug>
+  <bug>724132</bug>
+  <bug>730414</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-analyzer/wireshark" auto="yes" arch="*">
+      <unaffected range="ge">3.2.5</unaffected>
+      <vulnerable range="lt">3.2.5</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Wireshark is a network protocol analyzer formerly known as ethereal.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Wireshark. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Wireshark users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-analyzer/wireshark-3.2.5"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11647">CVE-2020-11647</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13164">CVE-2020-13164</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15466">CVE-2020-15466</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9428">CVE-2020-9428</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9429">CVE-2020-9429</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9430">CVE-2020-9430</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9431">CVE-2020-9431</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-26T16:22:12Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-26T23:47:31Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-14.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-14.xml
new file mode 100644
index 0000000000..6fe7f34940
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-14.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-14">
+  <title>yaml-cpp: Denial of service</title>
+  <synopsis>A vulnerability in yaml-cpp could lead to a Denial of Service
+    condition.
+  </synopsis>
+  <product type="ebuild">yaml-cpp</product>
+  <announced>2020-07-26</announced>
+  <revised count="1">2020-07-26</revised>
+  <bug>626662</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-cpp/yaml-cpp" auto="yes" arch="*">
+      <unaffected range="ge">0.6.3-r2</unaffected>
+      <vulnerable range="lt">0.6.3-r2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>yaml-cpp is a YAML parser and emitter in C++.</p>
+  </background>
+  <description>
+    <p>The function Scanner::peek in scanner.cpp may have an assertion failure.</p>
+  </description>
+  <impact type="normal">
+    <p>An attacker could cause a possible Denial of Service condition.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All yaml-cpp users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-cpp/yaml-cpp-0.6.3-r2"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-11692">CVE-2017-11692</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-26T16:16:28Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-26T23:48:42Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-15.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-15.xml
new file mode 100644
index 0000000000..f45efd3367
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-15.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-15">
+  <title>Samba: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Samba, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">samba</product>
+  <announced>2020-07-26</announced>
+  <revised count="1">2020-07-26</revised>
+  <bug>719120</bug>
+  <bug>730472</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-fs/samba" auto="yes" arch="*">
+      <unaffected range="ge">4.11.11</unaffected>
+      <vulnerable range="lt">4.11.11</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Samba is a suite of SMB and CIFS client/server programs.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Samba. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Samba users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-fs/samba-4.11.11"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-10700">CVE-2020-10700</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-10704">CVE-2020-10704</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-10730">CVE-2020-10730</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-10745">CVE-2020-10745</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-10760">CVE-2020-10760</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14303">CVE-2020-14303</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-26T05:09:50Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-26T23:52:18Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-16.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-16.xml
new file mode 100644
index 0000000000..393e5994cc
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-16.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-16">
+  <title>cURL: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in cURL, the worst of
+    which could result in information disclosure or data loss.
+  </synopsis>
+  <product type="ebuild">curl</product>
+  <announced>2020-07-26</announced>
+  <revised count="1">2020-07-26</revised>
+  <bug>729374</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-misc/curl" auto="yes" arch="*">
+      <unaffected range="ge">7.71.0</unaffected>
+      <vulnerable range="lt">7.71.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>A command line tool and library for transferring data with URLs.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in cURL. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All cURL users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-misc/curl-7.71.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8169">CVE-2020-8169</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8177">CVE-2020-8177</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-26T16:01:11Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-26T23:52:30Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-17.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-17.xml
new file mode 100644
index 0000000000..1234ccc4b9
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-17.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-17">
+  <title>JHead: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in JHead, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">jhead</product>
+  <announced>2020-07-26</announced>
+  <revised count="2">2020-07-27</revised>
+  <bug>701826</bug>
+  <bug>711220</bug>
+  <access>remote</access>
+  <affected>
+    <package name="media-gfx/jhead" auto="yes" arch="*">
+      <unaffected range="ge">3.04</unaffected>
+      <vulnerable range="lt">3.04</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>JHead is an exif jpeg header manipulation tool.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in JHead. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All JHead users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-gfx/jhead-3.04"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-1010301">
+      CVE-2019-1010301
+    </uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-1010302">
+      CVE-2019-1010302
+    </uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-19035">CVE-2019-19035</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6624">CVE-2020-6624</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6625">CVE-2020-6625</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-26T15:53:15Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T12:29:49Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-18.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-18.xml
new file mode 100644
index 0000000000..01b58a0aad
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-18.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-18">
+  <title>QtNetwork: Denial of service</title>
+  <synopsis>A vulnerability in QtNetwork could lead to a Denial of Service
+    condition.
+  </synopsis>
+  <product type="ebuild">qtnetwork</product>
+  <announced>2020-07-26</announced>
+  <revised count="1">2020-07-26</revised>
+  <bug>727604</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-qt/qtnetwork" auto="yes" arch="*">
+      <unaffected range="ge">5.14.2-r1</unaffected>
+      <vulnerable range="lt">5.14.2-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>QtNetwork provides a set of APIs for programming applications that use
+      TCP/IP. It is part of the Qt framework.
+    </p>
+  </background>
+  <description>
+    <p>A flaw was discovered in QtNetwork’s handling of OpenSSL protocol
+      errors.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>An attacker could cause a possible Denial of Service condition.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All QtNetwork users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-qt/qtnetwork-5.14.2-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13962">CVE-2020-13962</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-17T14:27:39Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-26T23:59:22Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-19.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-19.xml
new file mode 100644
index 0000000000..2155cd0080
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-19.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-19">
+  <title>WavPack: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in WavPack, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">wavpack</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>672638</bug>
+  <access>remote</access>
+  <affected>
+    <package name="media-sound/wavpack" auto="yes" arch="*">
+      <unaffected range="ge">5.3.2</unaffected>
+      <vulnerable range="lt">5.3.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>WavPack is a set of hybrid lossless audio compression tools.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in WavPack. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could send a specially crafted audio file possibly
+      resulting in a Denial of Service condition. Please review the referenced
+      CVE identifiers for details.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All WavPack users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-sound/wavpack-5.3.2"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-19840">CVE-2018-19840</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-19841">CVE-2018-19841</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-11498">CVE-2019-11498</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-26T15:21:17Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:03:02Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-20.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-20.xml
new file mode 100644
index 0000000000..b05df4b815
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-20.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-20">
+  <title>fuseiso: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in fuseiso, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">fuseiso</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>713328</bug>
+  <access>remote</access>
+  <affected>
+    <package name="sys-fs/fuseiso" auto="yes" arch="*">
+      <unaffected range="ge">20070708-r3</unaffected>
+      <vulnerable range="lt">20070708-r3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>FuseISO is a FUSE module to mount ISO filesystem images (.iso, .nrg,
+      .bin, .mdf and .img files).
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in fuseiso. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted ISO
+      file using fuseiso, possibly resulting in execution of arbitrary code
+      with the privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All fuseiso users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-fs/fuseiso-20070708-r3"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2015-8837">CVE-2015-8837</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-26T15:37:48Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:05:15Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-21.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-21.xml
new file mode 100644
index 0000000000..41a83f01f9
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-21.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-21">
+  <title>Libreswan: Denial of service</title>
+  <synopsis>A vulnerability in Libreswan could lead to a Denial of Service
+    condition.
+  </synopsis>
+  <product type="ebuild">libreswan</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>722696</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-vpn/libreswan" auto="yes" arch="*">
+      <unaffected range="ge">3.32</unaffected>
+      <vulnerable range="lt">3.32</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Libreswan is a free software implementation of the most widely supported
+      and standarized VPN protocol based on (“IPsec”) and the Internet Key
+      Exchange (“IKE”).
+    </p>
+  </background>
+  <description>
+    <p>As a result of a bug in handling certain bogus encrypted IKEv1, while
+      building a log message that the packet has been dropped, a NULL pointer
+      dereference causes Libreswan to crash and restart when it attempts to log
+      the state name involved.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>An attacker could cause a possible Denial of Service condition.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Libreswan users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-vpn/libreswan-3.32"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-1763">CVE-2020-1763</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-26T15:11:54Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:05:28Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-22.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-22.xml
new file mode 100644
index 0000000000..fce9e1a3bb
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-22.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-22">
+  <title>sysstat: Arbitrary code execution</title>
+  <synopsis>A use-after-free in sysstat was discovered which may allow
+    arbitrary code execution.
+  </synopsis>
+  <product type="ebuild">sysstat</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>706206</bug>
+  <access>local</access>
+  <affected>
+    <package name="app-admin/sysstat" auto="yes" arch="*">
+      <unaffected range="ge">12.2.1</unaffected>
+      <vulnerable range="lt">12.2.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>sysstat is a package containing a number of performance monitoring
+      utilities for Linux, including sar, mpstat, iostat and sa tools.
+    </p>
+  </background>
+  <description>
+    <p>A double-free in sysstat’s check_file_actlst() function was
+      discovered.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A local attacker could possibly execute arbitrary code with the
+      privileges of the process or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All sysstat users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-admin/sysstat-12.2.1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-19725">CVE-2019-19725</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-26T15:01:59Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:08:31Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-23.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-23.xml
new file mode 100644
index 0000000000..49b3737c30
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-23.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-23">
+  <title>ClamAV: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in ClamAV, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">clamav</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>732944</bug>
+  <access>remote</access>
+  <affected>
+    <package name="app-antivirus/clamav" auto="yes" arch="*">
+      <unaffected range="ge">0.102.4</unaffected>
+      <vulnerable range="lt">0.102.4</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>ClamAV is a GPL virus scanner.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in ClamAV. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All ClamAV users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-antivirus/clamav-0.102.4"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-3327">CVE-2020-3327</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-3350">CVE-2020-3350</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-3481">CVE-2020-3481</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-26T05:37:47Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:09:14Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-24.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-24.xml
new file mode 100644
index 0000000000..1ee579b1f6
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-24.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-24">
+  <title>Twisted: Access restriction bypasses</title>
+  <synopsis>Multiple vulnerabilities have been found in Twisted, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">twisted</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>712240</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-python/twisted" auto="yes" arch="*">
+      <unaffected range="ge">20.3.0</unaffected>
+      <vulnerable range="lt">20.3.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Twisted is an asynchronous networking framework written in Python.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Twisted. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Twisted users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-python/twisted-20.3.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-10108">CVE-2020-10108</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-10109">CVE-2020-10109</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-26T05:19:42Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:12:37Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-25.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-25.xml
new file mode 100644
index 0000000000..95c3536dcf
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-25.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-25">
+  <title>arpwatch: Root privilege escalation</title>
+  <synopsis>A vulnerability was discovered in arpwatch which may allow local
+    attackers to gain root privileges.
+  </synopsis>
+  <product type="ebuild">arpwatch</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>602552</bug>
+  <access>local</access>
+  <affected>
+    <package name="net-analyzer/arpwatch" auto="yes" arch="*">
+      <unaffected range="ge">2.1.15-r11</unaffected>
+      <vulnerable range="lt">2.1.15-r11</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The ethernet monitor program; for keeping track of ethernet/ip address
+      pairings.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that Gentoo’s arpwatch ebuild made excessive
+      permission operations on its data directories, possibly changing
+      ownership of unintended files. This only affects OpenRC systems, as the
+      flaw was exploitable via the init script.
+    </p>
+  </description>
+  <impact type="high">
+    <p>A local attacker could escalate privileges.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All arpwatch users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=net-analyzer/arpwatch-2.1.15-r11"
+    </code>
+  </resolution>
+  <references>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-20T01:06:22Z">b-man</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:14:49Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-26.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-26.xml
new file mode 100644
index 0000000000..9d1a1dbc8f
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-26.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-26">
+  <title>SQLite: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in SQLite, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">sqlite</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>716748</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-db/sqlite" auto="yes" arch="*">
+      <unaffected range="ge">3.32.3</unaffected>
+      <vulnerable range="lt">3.32.3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>SQLite is a C library that implements an SQL database engine.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in SQLite. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All SQLite users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/sqlite-3.32.3"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-20218">CVE-2019-20218</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11655">CVE-2020-11655</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11656">CVE-2020-11656</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13434">CVE-2020-13434</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13435">CVE-2020-13435</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13630">CVE-2020-13630</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13631">CVE-2020-13631</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13632">CVE-2020-13632</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13871">CVE-2020-13871</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15358">CVE-2020-15358</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-26T05:02:39Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:15:30Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-27.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-27.xml
new file mode 100644
index 0000000000..cc568e2427
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-27.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-27">
+  <title>Haml: Arbitrary code execution</title>
+  <synopsis>A flaw in Haml allows arbitrary code execution as a result of
+    improper filtering.
+  </synopsis>
+  <product type="ebuild">haml</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>699840</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-ruby/haml" auto="yes" arch="*">
+      <unaffected range="ge">5.1.2</unaffected>
+      <vulnerable range="lt">5.1.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Haml is a templating engine for HTML.</p>
+  </background>
+  <description>
+    <p>It was discovered that Haml was not correctly filtering out special
+      characters which may be used for attributes.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could possibly execute arbitrary code with the
+      privileges of the process or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Haml users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-ruby/haml-5.1.2"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-1002201">
+      CVE-2017-1002201
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-05-22T01:38:59Z">BlueKnight</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:18:18Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-28.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-28.xml
new file mode 100644
index 0000000000..9f2b781ea0
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-28.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-28">
+  <title>re2c: Buffer overflow</title>
+  <synopsis>A vulnerability in re2c could lead to a Denial of Service
+    condition.
+  </synopsis>
+  <product type="ebuild">re2c</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>718350</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-util/re2c" auto="yes" arch="*">
+      <unaffected range="ge">1.3-r1</unaffected>
+      <vulnerable range="lt">1.3-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>re2c is a tool for generating C-based recognizers from regular
+      expressions.
+    </p>
+  </background>
+  <description>
+    <p>A heap buffer overflow vulnerability was discovered in re2c.</p>
+  </description>
+  <impact type="normal">
+    <p>An attacker could possibly cause a Denial of Service condition.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All re2c users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-util/re2c-1.3-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11958">CVE-2020-11958</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-13T17:20:09Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:20:01Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-29.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-29.xml
new file mode 100644
index 0000000000..07c32a1b7c
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-29.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-29">
+  <title>rssh: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in rssh, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">rssh</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>699842</bug>
+  <access>remote</access>
+  <affected>
+    <package name="app-shells/rssh" auto="yes" arch="*">
+      <vulnerable range="le">2.3.4_p3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>rssh is a restricted shell, allowing only a few commands like scp or
+      sftp. It is often used as a complement to OpenSSH to provide limited
+      access to users.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in rssh. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>Gentoo has discontinued support for rssh. We recommend that users
+      unmerge rssh:
+    </p>
+    
+    <code>
+      # emerge --unmerge "app-shells/rssh"
+    </code>
+    
+    <p>NOTE: The Gentoo developer(s) maintaining rssh have discontinued support
+      at this time. It may be possible that a new Gentoo developer will update
+      rssh at a later date. OpenSSH (net-misc/openssh) may be able to provide
+      similar functionality using its extensive configuration.
+    </p>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-1000018">
+      CVE-2019-1000018
+    </uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-3463">CVE-2019-3463</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-3464">CVE-2019-3464</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-20T04:47:11Z">b-man</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:22:59Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-30.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-30.xml
new file mode 100644
index 0000000000..7a093aa57c
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-30.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-30">
+  <title>spice: Arbitrary code execution</title>
+  <synopsis>A buffer overread has been discovered in spice possibly allowing
+    remote execution of code.
+  </synopsis>
+  <product type="ebuild">spice</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>717776</bug>
+  <access>remote</access>
+  <affected>
+    <package name="app-emulation/spice" auto="yes" arch="*">
+      <unaffected range="ge">0.14.2</unaffected>
+      <vulnerable range="lt">0.14.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Provides a complete open source solution for remote access to virtual
+      machines in a seamless way so you can play videos, record audio, share
+      USB devices, and share folders without complications.
+    </p>
+  </background>
+  <description>
+    <p>A flaw in spice’s memory handling code has been discovered, allowing
+      an out of bounds read.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker may be able to send malicious packets causing remote
+      code execution.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All spice users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-emulation/spice-0.14.2"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-3813">CVE-2019-3813</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-13T16:22:04Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:23:35Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-31.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-31.xml
new file mode 100644
index 0000000000..add1030a68
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-31.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-31">
+  <title>Icinga: Root privilege escalation</title>
+  <synopsis>Icinga installs files with insecure permissions allowing root
+    privilege escalation.
+  </synopsis>
+  <product type="ebuild">icinga</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>638186</bug>
+  <access>local</access>
+  <affected>
+    <package name="net-analyzer/icinga" auto="yes" arch="*">
+      <vulnerable range="lt">1.14.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Icinga is an open source computer system and network monitoring
+      application. It was originally created as a fork of the Nagios system
+      monitoring application in 2009.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that Icinga’s installed files have insecure
+      permissions, possibly allowing root privilege escalation.
+    </p>
+  </description>
+  <impact type="high">
+    <p>A local attacker could escalate privileges to root.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>Gentoo has discontinued support for Icinga. We recommend that users
+      unmerge Icinga:
+    </p>
+    
+    <code>
+      # emerge --unmerge "net-analyzer/icinga"
+    </code>
+    
+    <p>NOTE: The Gentoo developer(s) maintaining Icinga have discontinued
+      support at this time. It may be possible that a new Gentoo developer will
+      update Icinga at a later date. The natural replacement is Icinga 2
+      (net-analyzer/icinga2).
+    </p>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-16882">CVE-2017-16882</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-20T02:07:54Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:26:20Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-32.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-32.xml
new file mode 100644
index 0000000000..4d7d455e0b
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-32.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-32">
+  <title>Sarg: Local privilege escalation</title>
+  <synopsis>A flaw in Sarg may allow local privilege escalation.</synopsis>
+  <product type="ebuild">sarg</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>706748</bug>
+  <access>local</access>
+  <affected>
+    <package name="net-analyzer/sarg" auto="yes" arch="*">
+      <unaffected range="ge">2.4.0</unaffected>
+      <vulnerable range="lt">2.4.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Sarg (Squid Analysis Report Generator) is a tool that provides many
+      informations about the Squid web proxy server users activities: time,
+      sites, traffic, etc.
+    </p>
+  </background>
+  <description>
+    <p>A flaw in Sarg’s handling of temporary directories was discovered.</p>
+  </description>
+  <impact type="high">
+    <p>A local attacker may be able to escalate privileges.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Sarg users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-analyzer/sarg-2.4.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-18932">CVE-2019-18932</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-20T01:21:28Z">b-man</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:26:55Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-33.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-33.xml
new file mode 100644
index 0000000000..4a0344ccad
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-33.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-33">
+  <title>OSSEC: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in OSSEC, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">ossec-hids</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>707826</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="net-analyzer/ossec-hids" auto="yes" arch="*">
+      <unaffected range="ge">3.6.0</unaffected>
+      <vulnerable range="lt">3.6.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>OSSEC is a full platform to monitor and control your system(s).</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in OSSEC. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="high">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All OSSEC users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-analyzer/ossec-hids-3.6.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8442">CVE-2020-8442</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8443">CVE-2020-8443</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8444">CVE-2020-8444</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8445">CVE-2020-8445</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8446">CVE-2020-8446</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8447">CVE-2020-8447</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8448">CVE-2020-8448</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-17T21:09:31Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:29:16Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-34.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-34.xml
new file mode 100644
index 0000000000..dc1ab39bcc
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-34.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-34">
+  <title>Apache Ant: Multiple vulnerabilities</title>
+  <synopsis>Apache Ant uses various insecure temporary files possibly allowing
+    local code execution.
+  </synopsis>
+  <product type="ebuild">ant</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>723086</bug>
+  <access>local</access>
+  <affected>
+    <package name="dev-java/ant" auto="yes" arch="*">
+      <unaffected range="ge">1.10.8</unaffected>
+      <vulnerable range="lt">1.10.8</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Ant is a Java-based build tool similar to ‘make’ that uses XML
+      configuration files.
+    </p>
+  </background>
+  <description>
+    <p>Apache Ant was found to be using multiple insecure temporary files which
+      may disclose sensitive information or execute code from an unsafe local
+      location.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A local attacker could possibly execute arbitrary code with the
+      privileges of the process, or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Apache Ant users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-java/ant-1.10.8"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-1945">CVE-2020-1945</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-19T21:36:39Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:29:36Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-35.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-35.xml
new file mode 100644
index 0000000000..0e50ed083b
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-35.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-35">
+  <title>ReportLab: Arbitrary code execution</title>
+  <synopsis>A vulnerability allowing arbitrary code execution was found in
+    ReportLab.
+  </synopsis>
+  <product type="ebuild">reportlab</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>710738</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-python/reportlab" auto="yes" arch="*">
+      <unaffected range="ge">3.5.42</unaffected>
+      <vulnerable range="lt">3.5.42</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>ReportLab is an Open Source Python library for generating PDFs and
+      graphics.
+    </p>
+  </background>
+  <description>
+    <p>ReportLab was found to be mishandling XML documents and may evaluate the
+      contents without checking for their safety.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could possibly execute arbitrary code with the
+      privileges of the process or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All ReportLab users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-python/reportlab-3.5.42"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-17626">CVE-2019-17626</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-20T01:26:21Z">b-man</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:33:03Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-36.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-36.xml
new file mode 100644
index 0000000000..d02db4bdd6
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-36.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-36">
+  <title>DjVu: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in DjVu, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">djvu</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>536720</bug>
+  <bug>718552</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="app-text/djvu" auto="yes" arch="*">
+      <unaffected range="ge">3.5.27-r2</unaffected>
+      <vulnerable range="lt">3.5.27-r2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>DjVu is a web-centric format and software platform for distributing
+      documents and images.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in DjVu. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All DjVu users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-text/djvu-3.5.27-r2"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-15142">CVE-2019-15142</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-15143">CVE-2019-15143</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-15144">CVE-2019-15144</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-15145">CVE-2019-15145</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-28T20:55:25Z">b-man</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:33:13Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-37.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-37.xml
new file mode 100644
index 0000000000..939c728346
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-37.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-37">
+  <title>AWStats: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in AWStats, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">awstats</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>646786</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-misc/awstats" auto="yes" arch="*">
+      <unaffected range="ge">7.8</unaffected>
+      <vulnerable range="lt">7.8</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>AWStats is an advanced log file analyzer and statistics generator.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in AWStats. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="high">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All AWStats users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-misc/awstats-7.8"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-1000501">
+      CVE-2017-1000501
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-18T00:02:30Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:37:10Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-38.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-38.xml
new file mode 100644
index 0000000000..7af45ddf4b
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-38.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-38">
+  <title>QtGui: Arbitrary code execution</title>
+  <synopsis>A use-after-free was discovered in QtGui's Markdown handling code
+    possibly allowing a remote attacker to execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">qtgui</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>719732</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-qt/qtgui" auto="yes" arch="*">
+      <unaffected range="ge">5.14.2</unaffected>
+      <vulnerable range="lt">5.14.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>QtGui is a module for the Qt toolkit.</p>
+  </background>
+  <description>
+    <p>QtGui’s setMarkdown has a use-after-free related to
+      QTextMarkdownImporter::insertBlock.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could possibly execute arbitrary code with the
+      privileges of the process, or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All QtGui users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-qt/qtgui-5.14.2"
+    </code>
+    
+    <p>Note that the Qt suite is best kept in sync, so a world upgrade may be
+      advisable to keep your system in a good state.
+    </p>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12267">CVE-2020-12267</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-06T21:54:28Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:37:49Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-39.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-39.xml
new file mode 100644
index 0000000000..58f929084a
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-39.xml
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-39">
+  <title>Binutils: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Binutils, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">binutils</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>688836</bug>
+  <bug>690590</bug>
+  <bug>711324</bug>
+  <access>remote</access>
+  <affected>
+    <package name="sys-devel/binutils" auto="yes" arch="*">
+      <unaffected range="ge">2.33.1</unaffected>
+      <vulnerable range="lt">2.33.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The GNU Binutils are a collection of tools to create, modify and analyse
+      binary files. Many of the files use BFD, the Binary File Descriptor
+      library, to do low-level manipulation.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Binutils. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Binutils users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-devel/binutils-2.33.1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-12972">CVE-2019-12972</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-14250">CVE-2019-14250</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-14444">CVE-2019-14444</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-17450">CVE-2019-17450</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-17451">CVE-2019-17451</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-12972">CVE-2019-12972</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-14250">CVE-2019-14250</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-14444">CVE-2019-14444</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-17450">CVE-2019-17450</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-17451">CVE-2019-17451</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-20T01:35:54Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:47:26Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-40.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-40.xml
new file mode 100644
index 0000000000..e9df7724c5
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-40.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-40">
+  <title>Thin: Privilege escalation</title>
+  <synopsis>A vulnerability was discovered in Thin which may allow local
+    attackers to kill arbitrary processes (denial of service).
+  </synopsis>
+  <product type="ebuild">thin</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>642200</bug>
+  <access>local</access>
+  <affected>
+    <package name="www-servers/thin" auto="yes" arch="*">
+      <vulnerable range="le">1.7.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Thin is a small and fast Ruby web server.</p>
+  </background>
+  <description>
+    <p>It was discovered that Gentoo’s Thin ebuild does not properly handle
+      its temporary runtime directories. This only affects OpenRC systems, as
+      the flaw was exploitable via the init script.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A local attacker could cause denial of service by killing arbitrary
+      processes.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>Gentoo has discontinued support for Thin. We recommend that users
+      unmerge Thin:
+    </p>
+    
+    <code>
+      # emerge --unmerge "www-servers/thin"
+    </code>
+    
+    <p>NOTE: The Gentoo developer(s) maintaining Thin have discontinued support
+      at this time. It may be possible that a new Gentoo developer will update
+      Thin at a later date. There are many other web servers available in the
+      tree in the www-servers category.
+    </p>
+  </resolution>
+  <references>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-14T00:47:13Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:48:08Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-41.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-41.xml
new file mode 100644
index 0000000000..bf2f0ca236
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-41.xml
@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-41">
+  <title>Roundcube: Multiple vulnerabilities</title>
+  <synopsis>A flaw in Roundcube's handling of configuration files may allow
+    arbitrary code execution, amongst other vulnerabilities.
+  </synopsis>
+  <product type="ebuild">Roundcube</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>720876</bug>
+  <access>remote</access>
+  <affected>
+    <package name="mail-client/roundcube" auto="yes" arch="*">
+      <unaffected range="ge" slot="1.4.4">1.4.4</unaffected>
+      <unaffected range="ge" slot="1.3.11">1.3.11</unaffected>
+      <vulnerable range="lt" slot="1.4.4">1.4.4</vulnerable>
+      <vulnerable range="lt" slot="1.3.11">1.3.11</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Free and open source webmail software for the masses, written in PHP.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Roundcube. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Roundcube 1.4.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/roundcube-1.4.4"
+    </code>
+    
+    <p>All Roundcube 1.3.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/roundcube-1.3.11"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12625">CVE-2020-12625</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12626">CVE-2020-12626</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12640">CVE-2020-12640</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12641">CVE-2020-12641</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-17T23:26:23Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:48:35Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-42.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-42.xml
new file mode 100644
index 0000000000..ec32f06457
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-42.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-42">
+  <title>LHa: Buffer overflow</title>
+  <synopsis>LHa has a buffer overflow in its compression utility with
+    unspecified impact.
+  </synopsis>
+  <product type="ebuild">lha</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>572418</bug>
+  <access>remote</access>
+  <affected>
+    <package name="app-arch/lha" auto="yes" arch="*">
+      <unaffected range="ge">114i_p20201004</unaffected>
+      <vulnerable range="lt">114i_p20201004</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>LHa is a console-based program for packing and unpacking LHarc archives.</p>
+  </background>
+  <description>
+    <p>A buffer overflow in LHa’s compression code was discovered which can
+      be triggered by a crafted input file.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could send a specially crafted file possibly resulting
+      in a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All LHa users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-arch/lha-114i_p20201004"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2016-1925">CVE-2016-1925</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-22T20:49:12Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:53:34Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-43.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-43.xml
new file mode 100644
index 0000000000..ea037b2c02
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-43.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-43">
+  <title>TRE: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in TRE, the worst of which
+    could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">tre</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>597616</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-libs/tre" auto="yes" arch="*">
+      <unaffected range="ge">0.8.0-r2</unaffected>
+      <vulnerable range="lt">0.8.0-r2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>TRE is the free and portable approximate regex matching library.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in TRE. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All TRE users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-libs/tre-0.8.0-r2"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2016-8859">CVE-2016-8859</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-17T00:41:18Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:53:51Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-44.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-44.xml
new file mode 100644
index 0000000000..faf4a14f3b
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-44.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-44">
+  <title>FreeXL: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in FreeXL, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">freexl</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>648700</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-libs/freexl" auto="yes" arch="*">
+      <unaffected range="ge">1.0.5</unaffected>
+      <vulnerable range="lt">1.0.5</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>FreeXL is an open source library to extract valid data from within an
+      Excel (.xls) spreadsheet.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in FreeXL. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All FreeXL users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-libs/freexl-1.0.5"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-7435">CVE-2018-7435</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-7436">CVE-2018-7436</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-7437">CVE-2018-7437</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-7438">CVE-2018-7438</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-7439">CVE-2018-7439</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-18T00:12:02Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:53:54Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-45.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-45.xml
new file mode 100644
index 0000000000..0e64d8ef9f
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-45.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-45">
+  <title>NTFS-3G: Remote code execution, possible privilege escalation</title>
+  <synopsis>A buffer overflow in NTFS-3g might allow local or remote
+    attacker(s) to execute arbitrary code, or escalate privileges.
+  </synopsis>
+  <product type="ebuild">ntfs-3g</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>717640</bug>
+  <access>remote</access>
+  <affected>
+    <package name="sys-fs/ntfs3g" auto="yes" arch="*">
+      <unaffected range="ge">2017.3.23-r3</unaffected>
+      <vulnerable range="lt">2017.3.23-r3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>NTFS-3G is a stable, full-featured, read-write NTFS driver for various
+      operating systems.
+    </p>
+  </background>
+  <description>
+    <p>An integer underflow issue exists in NTFS-3G which may cause a heap
+      buffer overflow with crafted input.
+    </p>
+  </description>
+  <impact type="high">
+    <p>A remote attacker may be able to execute arbitrary code while a local
+      attacker may be able to escalate privileges.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All NTFS-3G users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-fs/ntfs3g-2017.3.23-r3"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-9755">CVE-2019-9755</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-13T16:28:32Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:59:29Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-46.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-46.xml
new file mode 100644
index 0000000000..f4248489fd
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-46.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-46">
+  <title>D-Bus: Denial of service</title>
+  <synopsis>A local Denial of Service vulnerability was discovered in D-Bus.</synopsis>
+  <product type="ebuild">d-bus</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>727104</bug>
+  <access>local</access>
+  <affected>
+    <package name="sys-apps/dbus" auto="yes" arch="*">
+      <unaffected range="ge">1.12.18</unaffected>
+      <vulnerable range="lt">1.12.18</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>D-Bus is a message bus system which processes can use to talk to each
+      other.
+    </p>
+  </background>
+  <description>
+    <p>D-Bus does not correctly dispose of old connections meaning that it is
+      possible for D-Bus to hit a connection limit.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>An attacker could cause a possible Denial of Service condition.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All D-Bus users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-apps/dbus-1.12.18"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12049">CVE-2020-12049</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-17T14:28:04Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:59:39Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-47.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-47.xml
new file mode 100644
index 0000000000..17e4f22573
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-47.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-47">
+  <title>Okular: Local restricted command execution</title>
+  <synopsis>A logic error in Okular might allow an attacker to execute
+    arbitrary code.
+  </synopsis>
+  <product type="ebuild">okular</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>712490</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="kde-apps/okular" auto="yes" arch="*">
+      <unaffected range="ge">19.12.3-r1</unaffected>
+      <vulnerable range="lt">19.12.3-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Okular is a universal document viewer based on KPDF.</p>
+  </background>
+  <description>
+    <p>A logic error was discovered in Okular, which results in trusting action
+      links within a PDF, possibly allowing execution of a binary.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted PDF
+      using Okular, possibly resulting in execution of arbitrary code with the
+      privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>Avoid opening PDFs from an untrusted source.</p>
+  </workaround>
+  <resolution>
+    <p>All Okular users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=kde-apps/okular-19.12.3-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9359">CVE-2020-9359</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-13T16:20:40Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T00:59:53Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-48.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-48.xml
new file mode 100644
index 0000000000..d89382e831
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-48.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-48">
+  <title>OCaml: Arbitrary code execution</title>
+  <synopsis>An integer overflow was discovered in OCaml's standard library,
+    possibly allowing arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">ocaml</product>
+  <announced>2020-07-27</announced>
+  <revised count="2">2020-07-27</revised>
+  <bug>719134</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-lang/ocaml" auto="yes" arch="*">
+      <unaffected range="ge">4.09.0</unaffected>
+      <vulnerable range="lt">4.09.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>OCaml is a high-level, strongly-typed, functional, and object-oriented
+      programming language from the ML family of languages
+    </p>
+  </background>
+  <description>
+    <p>The caml_ba_deserialize function in byterun/bigarray.c in the standard
+      library of OCaml has an integer overflow.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could possibly execute arbitrary code with the
+      privileges of the process, or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All OCaml users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/ocaml-4.09.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-9838">CVE-2018-9838</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-26T15:40:49Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T01:25:07Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-49.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-49.xml
new file mode 100644
index 0000000000..b49d290f49
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-49.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-49">
+  <title>Mozilla Network Security Service (NSS): Information disclosure</title>
+  <synopsis>NSS has an information disclosure vulnerability when handling DSA
+    keys.
+  </synopsis>
+  <product type="ebuild">nss</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>726842</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-libs/nss" auto="yes" arch="*">
+      <unaffected range="ge">3.52.1</unaffected>
+      <vulnerable range="lt">3.52.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The Mozilla Network Security Service (NSS) is a library implementing
+      security features like SSL v.2/v.3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS
+      #12, S/MIME and X.509 certificates.
+    </p>
+  </background>
+  <description>
+    <p>NSS was found to not always perform constant-time operations when
+      working with DSA key material.
+    </p>
+  </description>
+  <impact type="low">
+    <p>An attacker may be able to obtain information about a DSA private key.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All NSS users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-libs/nss-3.52.1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12399">CVE-2020-12399</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-26T16:09:23Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T01:25:27Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-50.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-50.xml
new file mode 100644
index 0000000000..850b4d3f93
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-50.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-50">
+  <title>GLib Networking: Improper certificate validation</title>
+  <synopsis>GLib Networking was not properly verifying TLS certificates in all
+    circumstances, possibly allowing an integrity/confidentiality compromise.
+  </synopsis>
+  <product type="ebuild">glib-networking</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>725880</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-libs/glib-networking" auto="yes" arch="*">
+      <unaffected range="ge">2.62.4</unaffected>
+      <vulnerable range="lt">2.62.4</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Network-related giomodules for glib</p>
+  </background>
+  <description>
+    <p>GTlsClientConnection skips hostname verification of the server’s TLS
+      certificate if the application fails to specify the expected server
+      identity.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>There may be a breach of integrity or confidentiality in connections
+      made using GLib Networking.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All GLib Networking users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-libs/glib-networking-2.62.4"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13645">CVE-2020-13645</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-26T05:58:10Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T01:34:12Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-51.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-51.xml
new file mode 100644
index 0000000000..c31beb1558
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-51.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-51">
+  <title>FileZilla: Untrusted search path</title>
+  <synopsis>A vulnerability was found in FileZilla which might allow privilege
+    escalation.
+  </synopsis>
+  <product type="ebuild">filezilla</product>
+  <announced>2020-07-27</announced>
+  <revised count="1">2020-07-27</revised>
+  <bug>717726</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-ftp/filezilla" auto="yes" arch="*">
+      <unaffected range="ge">3.47.2.1</unaffected>
+      <vulnerable range="lt">3.47.2.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>FileZilla is an open source FTP client.</p>
+  </background>
+  <description>
+    <p>It was discovered that FileZilla uses an untrusted search path.</p>
+  </description>
+  <impact type="normal">
+    <p>An attacker could use a malicious binary to escalate privileges.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All FileZilla users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-ftp/filezilla-3.47.2.1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-5429">CVE-2019-5429</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-26T05:27:52Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-27T01:36:28Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-52.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-52.xml
new file mode 100644
index 0000000000..ca15b4d4aa
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-52.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-52">
+  <title>mujs: Multiple vulnerabilities
+  </title>
+  <synopsis>Multiple vulnerabilities have been found in mujs, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">mujs</product>
+  <announced>2020-07-28</announced>
+  <revised count="1">2020-07-28</revised>
+  <bug>719248</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-lang/mujs" auto="yes" arch="*">
+      <unaffected range="ge">1.0.6</unaffected>
+      <vulnerable range="lt">1.0.6</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>mujs is an embeddable Javascript interpreter in C.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in mujs. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All mujs users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/mujs-"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-11411">CVE-2019-11411</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-11412">CVE-2019-11412</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-11413">CVE-2019-11413</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-27T23:02:41Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-28T19:28:15Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-53.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-53.xml
new file mode 100644
index 0000000000..4a0f3ad7e3
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-53.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-53">
+  <title>Dropbear: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Dropbear, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">dropbear</product>
+  <announced>2020-07-28</announced>
+  <revised count="1">2020-07-28</revised>
+  <bug>723848</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-misc/dropbear" auto="yes" arch="*">
+      <unaffected range="ge">2020.80</unaffected>
+      <vulnerable range="lt">2020.80</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Dropbear is an SSH server and client designed with a small memory
+      footprint.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Dropbear. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Dropbear users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-misc/dropbear-2020.80"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-0739">CVE-2018-0739</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12437">CVE-2018-12437</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20685">CVE-2018-20685</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-27T22:58:27Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-28T19:29:15Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-54.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-54.xml
new file mode 100644
index 0000000000..72209c2221
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-54.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-54">
+  <title>rsync: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in rsync, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">rsync</product>
+  <announced>2020-07-28</announced>
+  <revised count="1">2020-07-28</revised>
+  <bug>728852</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-misc/rsync" auto="yes" arch="*">
+      <unaffected range="ge">3.2.0</unaffected>
+      <vulnerable range="lt">3.2.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>File transfer program to keep remote files into sync.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in rsync (within bundled
+      zlib). Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All rsync users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-misc/rsync-3.2.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2016-9840">CVE-2016-9840</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2016-9841">CVE-2016-9841</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2016-9842">CVE-2016-9842</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2016-9843">CVE-2016-9843</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-27T22:51:51Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-28T19:29:58Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-55.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-55.xml
new file mode 100644
index 0000000000..cb2f337bff
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-55.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-55">
+  <title>libetpan: Improper STARTTLS handling</title>
+  <synopsis>A vulnerability was discovered in libetpan's STARTTLS handling,
+    possibly allowing an integrity/confidentiality compromise.
+  </synopsis>
+  <product type="ebuild">libetpan</product>
+  <announced>2020-07-28</announced>
+  <revised count="1">2020-07-28</revised>
+  <bug>734130</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-libs/libetpan" auto="yes" arch="*">
+      <unaffected range="ge">1.9.4-r1</unaffected>
+      <vulnerable range="lt">1.9.4-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>libetpan is a portable, efficient middleware for different kinds of mail
+      access.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that libetpan was not properly handling state within
+      the STARTTLS protocol handshake.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>There may be a breach of integrity or confidentiality in connections
+      made using libetpan with STARTTLS.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All libetpan users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-libs/libetpan-1.9.4-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15953">CVE-2020-15953</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-27T22:44:41Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-28T19:35:55Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-56.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-56.xml
new file mode 100644
index 0000000000..f71973e186
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-56.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-56">
+  <title>Claws Mail: Improper STARTTLS handling</title>
+  <synopsis>A vulnerability was discovered in Claws Mail's STARTTLS handling,
+    possibly allowing an integrity/confidentiality compromise.
+  </synopsis>
+  <product type="ebuild">claws-mail</product>
+  <announced>2020-07-28</announced>
+  <revised count="1">2020-07-28</revised>
+  <bug>733684</bug>
+  <access>remote</access>
+  <affected>
+    <package name="mail-client/claws-mail" auto="yes" arch="*">
+      <unaffected range="ge">3.17.6</unaffected>
+      <vulnerable range="lt">3.17.6</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Claws Mail is a GTK based e-mail client.</p>
+  </background>
+  <description>
+    <p>It was discovered that Claws Mail was not properly handling state within
+      the STARTTLS protocol handshake.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>There may be a breach of integrity or confidentiality in connections
+      made using Claws Mail with STARTTLS.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Claws Mail users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/claws-mail-3.17.6"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15917">CVE-2020-15917</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-27T16:52:43Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-28T19:36:02Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-57.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-57.xml
new file mode 100644
index 0000000000..3c2e72d851
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-57.xml
@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-57">
+  <title>Mutt, Neomutt: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Mutt and Neomutt, the
+    worst of which could result in an access restriction bypass.
+  </synopsis>
+  <product type="ebuild">mutt,neomutt</product>
+  <announced>2020-07-28</announced>
+  <revised count="1">2020-07-28</revised>
+  <bug>728294</bug>
+  <bug>728302</bug>
+  <bug>728708</bug>
+  <access>remote</access>
+  <affected>
+    <package name="mail-client/mutt" auto="yes" arch="*">
+      <unaffected range="ge">1.14.4</unaffected>
+      <vulnerable range="lt">1.14.4</vulnerable>
+    </package>
+    <package name="mail-client/neomutt" auto="yes" arch="*">
+      <unaffected range="ge">20200619</unaffected>
+      <vulnerable range="lt">20200619</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mutt is a small but very powerful text-based mail client.</p>
+    
+    <p>NeoMutt is a command line mail reader (or MUA). It’s a fork of Mutt
+      with added features.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Mutt and Neomutt.
+      Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mutt users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/mutt-1.14.4"
+    </code>
+    
+    <p>All Neomutt users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/neomutt-20200619"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14093">CVE-2020-14093</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14154">CVE-2020-14154</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14954">CVE-2020-14954</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-26T15:29:54Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-28T19:36:11Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-58.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-58.xml
new file mode 100644
index 0000000000..5e62fba956
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-58.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-58">
+  <title>FFmpeg: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in FFmpeg, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">ffmpeg</product>
+  <announced>2020-07-28</announced>
+  <revised count="1">2020-07-28</revised>
+  <bug>718012</bug>
+  <bug>719940</bug>
+  <bug>727450</bug>
+  <access>remote</access>
+  <affected>
+    <package name="media-video/ffmpeg" auto="yes" arch="*">
+      <unaffected range="ge">4.2.4</unaffected>
+      <vulnerable range="lt">4.2.4</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>FFmpeg is a complete, cross-platform solution to record, convert and
+      stream audio and video.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in FFmpeg. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All FFmpeg users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-video/ffmpeg-4.2.4"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-13312">CVE-2019-13312</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-15942">CVE-2019-15942</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12284">CVE-2020-12284</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13904">CVE-2020-13904</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14212">CVE-2020-14212</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-27T16:48:41Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-28T19:36:18Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-59.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-59.xml
new file mode 100644
index 0000000000..affe1e4294
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-59.xml
@@ -0,0 +1,70 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-59">
+  <title>Chromium, Google Chrome: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Chromium and Google
+    Chrome, the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">chromium,google-chrome</product>
+  <announced>2020-07-29</announced>
+  <revised count="1">2020-07-29</revised>
+  <bug>734150</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-client/chromium" auto="yes" arch="*">
+      <unaffected range="ge">84.0.4147.105</unaffected>
+      <vulnerable range="lt">84.0.4147.105</vulnerable>
+    </package>
+    <package name="www-client/google-chrome" auto="yes" arch="*">
+      <unaffected range="ge">84.0.4147.105</unaffected>
+      <vulnerable range="lt">84.0.4147.105</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Chromium is an open-source browser project that aims to build a safer,
+      faster, and more stable way for all users to experience the web.
+    </p>
+    
+    <p>Google Chrome is one fast, simple, and secure browser for all your
+      devices.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Chromium and Google
+      Chrome. Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Chromium users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/chromium-84.0.4147.105"
+    </code>
+    
+    <p>All Google Chrome users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/google-chrome-84.0.4147.105"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6532">CVE-2020-6532</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6537">CVE-2020-6537</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6538">CVE-2020-6538</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6539">CVE-2020-6539</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6540">CVE-2020-6540</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6541">CVE-2020-6541</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-28T20:50:18Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-29T17:23:28Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-60.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-60.xml
new file mode 100644
index 0000000000..5edcdfccdf
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-60.xml
@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-60">
+  <title>Mozilla Firefox: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Mozilla Firefox, the
+    worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">firefox</product>
+  <announced>2020-07-30</announced>
+  <revised count="1">2020-07-30</revised>
+  <bug>734324</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-client/firefox" auto="yes" arch="*">
+      <unaffected range="ge">68.11.0</unaffected>
+      <vulnerable range="lt">68.11.0</vulnerable>
+    </package>
+    <package name="www-client/firefox-bin" auto="yes" arch="*">
+      <unaffected range="ge">68.11.0</unaffected>
+      <vulnerable range="lt">68.11.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mozilla Firefox is a popular open-source web browser from the Mozilla
+      Project.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Mozilla Firefox. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mozilla Firefox users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-68.11.0"
+    </code>
+    
+    <p>All Mozilla Firefox binary users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-bin-68.11.0"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15652">CVE-2020-15652</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15659">CVE-2020-15659</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6463">CVE-2020-6463</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-28T20:49:41Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-30T03:20:17Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-61.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-61.xml
new file mode 100644
index 0000000000..1b54bb27df
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-61.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-61">
+  <title>WebKitGTK+: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in WebKitGTK+, the worst
+    of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">webkitgtk+</product>
+  <announced>2020-07-31</announced>
+  <revised count="1">2020-07-31</revised>
+  <bug>734584</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-libs/webkit-gtk" auto="yes" arch="*">
+      <unaffected range="ge">2.28.4</unaffected>
+      <vulnerable range="lt">2.28.4</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>WebKitGTK+ is a full-featured port of the WebKit rendering engine,
+      suitable for projects requiring any kind of web integration, from hybrid
+      HTML/CSS applications to full-fledged web browsers.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in WebKitGTK+. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All WebKitGTK+ users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-libs/webkit-gtk-2.28.4"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9862">CVE-2020-9862</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9893">CVE-2020-9893</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9894">CVE-2020-9894</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9895">CVE-2020-9895</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9915">CVE-2020-9915</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9925">CVE-2020-9925</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-29T18:52:03Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-31T17:08:46Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-62.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-62.xml
new file mode 100644
index 0000000000..6186762c7c
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-62.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-62">
+  <title>PyCrypto: Weak key generation</title>
+  <synopsis>A flaw in PyCrypto allow remote attackers to obtain sensitive
+    information.
+  </synopsis>
+  <product type="ebuild">pycrypto</product>
+  <announced>2020-07-31</announced>
+  <revised count="1">2020-07-31</revised>
+  <bug>703682</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-python/pycrypto" auto="yes" arch="*">
+      <vulnerable range="le">2.6.1-r2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>PyCrypto is the Python Cryptography Toolkit.</p>
+  </background>
+  <description>
+    <p>It was discovered that PyCrypto incorrectly generated ElGamal key
+      parameters.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Attackers may be able to obtain sensitive information by reading
+      ciphertext data.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>Gentoo has discontinued support for PyCrypto. We recommend that users
+      unmerge PyCrypto:
+    </p>
+    
+    <p># emerge --unmerge “dev-python/pycrypto”</p>
+    
+    <p>NOTE: The Gentoo developer(s) maintaining PyCrypto have discontinued
+      support at this time. PyCryptodome is the canonical successor to
+      PyCrypto.
+    </p>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6594">CVE-2018-6594</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-30T01:21:33Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-31T17:10:46Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-63.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-63.xml
new file mode 100644
index 0000000000..b9966a5a0b
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-63.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-63">
+  <title>SNMP Trap Translator: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in SNMP Trap Translator,
+    the worst of which could allow attackers to execute arbitrary shell code.
+  </synopsis>
+  <product type="ebuild">snmptt</product>
+  <announced>2020-07-31</announced>
+  <revised count="2">2020-08-16</revised>
+  <bug>733478</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-analyzer/snmptt" auto="yes" arch="*">
+      <unaffected range="ge">1.4.1</unaffected>
+      <vulnerable range="lt">1.4.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>SNMP Trap Translator (SNMPTT) is an SNMP trap handler written in Perl.</p>
+  </background>
+  <description>
+    <p>It was found that SNMP Trap Translator does not drop privileges as
+      configured and does not properly escape shell commands in certain
+      functions.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker, by sending a malicious crafted SNMP trap, could
+      possibly execute arbitrary shell code with the privileges of the process
+      or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All SNMP Trap Translator users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-analyzer/snmptt-1.4.1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://sourceforge.net/p/snmptt/git/ci/snmptt_1-4-1/tree/snmptt/ChangeLog">
+      SNMPTT 1.4.1 ChangeLog
+    </uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-24361">CVE-2020-24361</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-26T15:27:28Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-16T05:36:38Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-64.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-64.xml
new file mode 100644
index 0000000000..1267eab96b
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-64.xml
@@ -0,0 +1,68 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-64">
+  <title>Mozilla Thunderbird: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Mozilla Thunderbird,
+    the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">thunderbird</product>
+  <announced>2020-07-31</announced>
+  <revised count="2">2020-07-31</revised>
+  <bug>734978</bug>
+  <access>remote</access>
+  <affected>
+    <package name="mail-client/thunderbird" auto="yes" arch="*">
+      <unaffected range="ge">68.11.0</unaffected>
+      <vulnerable range="lt">68.11.0</vulnerable>
+    </package>
+    <package name="mail-client/thunderbird-bin" auto="yes" arch="*">
+      <unaffected range="ge">68.11.0</unaffected>
+      <vulnerable range="lt">68.11.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mozilla Thunderbird is a popular open-source email client from the
+      Mozilla project.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Mozilla Thunderbird.
+      Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mozilla Thunderbird users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/thunderbird-68.11.0"
+    </code>
+    
+    <p>All Mozilla Thunderbird binary users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=mail-client/thunderbird-bin-68.11.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15652">CVE-2020-15652</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15659">CVE-2020-15659</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6463">CVE-2020-6463</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6514">CVE-2020-6514</uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2020-35/">
+      MFSA-2020-35
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-31T17:27:15Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-31T19:04:30Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-65.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-65.xml
new file mode 100644
index 0000000000..afb2aede7b
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202007-65.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202007-65">
+  <title>libsndfile: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in libsndfile, the worst
+    of which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">libsndfile</product>
+  <announced>2020-07-31</announced>
+  <revised count="1">2020-07-31</revised>
+  <bug>631674</bug>
+  <bug>671834</bug>
+  <access>remote</access>
+  <affected>
+    <package name="media-libs/libsndfile" auto="yes" arch="*">
+      <unaffected range="ge">1.0.29_pre2_p20191024</unaffected>
+      <vulnerable range="lt">1.0.29_pre2_p20191024</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>libsndfile is a C library for reading and writing files containing
+      sampled sound.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in libsndfile. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All libsndfile users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=media-libs/libsndfile-1.0.29_pre2_p20191024"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-14245">CVE-2017-14245</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-14246">CVE-2017-14246</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-3832">CVE-2019-3832</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-16T01:07:57Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-07-31T19:55:37Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-01.xml
new file mode 100644
index 0000000000..3027067a0e
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-01.xml
@@ -0,0 +1,77 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-01">
+  <title>Python: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Python, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">python</product>
+  <announced>2020-08-02</announced>
+  <revised count="1">2020-08-02</revised>
+  <bug>728668</bug>
+  <bug>732498</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-lang/python" auto="yes" arch="*">
+      <unaffected range="ge" slot="2.7">2.7.18-r1</unaffected>
+      <unaffected range="ge" slot="3.6">3.6.11-r2</unaffected>
+      <unaffected range="ge" slot="3.7">3.7.8-r2</unaffected>
+      <unaffected range="ge" slot="3.8">3.8.4-r1</unaffected>
+      <vulnerable range="lt" slot="2.7">2.7.18-r1</vulnerable>
+      <vulnerable range="lt" slot="3.6">3.6.11-r2</vulnerable>
+      <vulnerable range="lt" slot="3.7">3.7.8-r2</vulnerable>
+      <vulnerable range="lt" slot="3.8">3.8.4-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Python is an interpreted, interactive, object-oriented programming
+      language.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Python. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Python 2.7 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/python-2.7.18-r1"
+    </code>
+    
+    <p>All Python 3.6 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/python-3.6.11-r2"
+    </code>
+    
+    <p>All Python 3.7 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/python-3.7.8-r2"
+    </code>
+    
+    <p>All Python 3.8 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/python-3.8.4-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-20907">CVE-2019-20907</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14422">CVE-2020-14422</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-31T17:34:38Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-02T03:19:15Z">b-man</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-02.xml
new file mode 100644
index 0000000000..fb25e05173
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-02.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-02">
+  <title>GNU GLOBAL: Arbitrary code execution</title>
+  <synopsis>A vulnerability in GNU GLOBAL was discovered, possibly allowing
+    remote attackers to execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">global</product>
+  <announced>2020-08-08</announced>
+  <revised count="1">2020-08-08</revised>
+  <bug>646348</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-util/global" auto="yes" arch="*">
+      <unaffected range="ge">6.6.4</unaffected>
+      <vulnerable range="lt">6.6.4</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>GNU GLOBAL is a source code tagging system that works the same way
+      across diverse environments, such as Emacs editor, Vi editor, Less
+      viewer, Bash shell, various web browsers, etc.
+    </p>
+  </background>
+  <description>
+    <p>A vulnerability was found in an undocumented function of gozilla.</p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted URL
+      using GNU GLOBAL, possibly resulting in execution of arbitrary code with
+      the privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All GNU GLOBAL users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-util/global-6.6.4"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-17531">CVE-2017-17531</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-08T02:37:03Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-08T04:17:26Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-03.xml
new file mode 100644
index 0000000000..3aac543e24
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-03.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-03">
+  <title>Ark: Arbitrary code execution</title>
+  <synopsis>Ark was found to allow arbitrary file overwrite, possibly allowing
+    arbitrary code execution.
+  </synopsis>
+  <product type="ebuild">ark</product>
+  <announced>2020-08-08</announced>
+  <revised count="1">2020-08-08</revised>
+  <bug>734622</bug>
+  <access>remote</access>
+  <affected>
+    <package name="kde-apps/ark" auto="yes" arch="*">
+      <unaffected range="ge">20.04.3-r1</unaffected>
+      <vulnerable range="lt">20.04.3-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Ark is a graphical file compression/decompression utility with support
+      for multiple formats.
+    </p>
+  </background>
+  <description>
+    <p>A maliciously crafted archive with “../” in the file path(s) could
+      install files anywhere in the user’s home directory upon extraction.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted
+      archive using Ark, possibly resulting in execution of arbitrary code with
+      the privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>Avoid opening untrusted archives.</p>
+  </workaround>
+  <resolution>
+    <p>All Ark users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=kde-apps/ark-20.04.3-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16116">CVE-2020-16116</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-08T02:42:50Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-08T04:18:09Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-04.xml
new file mode 100644
index 0000000000..cfae51c02f
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-04.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-04">
+  <title>Apache: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Apache, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">apache</product>
+  <announced>2020-08-08</announced>
+  <revised count="1">2020-08-08</revised>
+  <bug>736282</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-servers/apache" auto="yes" arch="*">
+      <unaffected range="ge">2.4.46</unaffected>
+      <vulnerable range="lt">2.4.46</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The Apache HTTP server is one of the most popular web servers on the
+      Internet.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Apache. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Apache users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-servers/apache-2.4.46"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11984">CVE-2020-11984</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11985">CVE-2020-11985</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11993">CVE-2020-11993</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9490">CVE-2020-9490</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-08T03:51:27Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-08T04:18:18Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-05.xml
new file mode 100644
index 0000000000..bf2114ea11
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-05.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-05">
+  <title>gThumb: Arbitrary code execution</title>
+  <synopsis>A buffer overflow in gThumb might allow remote attacker(s) to
+    execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">gthumb</product>
+  <announced>2020-08-08</announced>
+  <revised count="1">2020-08-08</revised>
+  <bug>712932</bug>
+  <access>remote</access>
+  <affected>
+    <package name="media-gfx/gthumb" auto="yes" arch="*">
+      <unaffected range="ge">3.10.0</unaffected>
+      <vulnerable range="lt">3.10.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>gThumb is an image viewer and browser for GNOME.</p>
+  </background>
+  <description>
+    <p>A heap-based buffer overflow in gThumb’s
+      _cairo_image_surface_create_from_jpeg() function, located in
+      extensions/cairo_io/cairo-image-surface-jpeg.c was discovered.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted image
+      file using gThumb, possibly resulting in execution of arbitrary code with
+      the privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All gThumb users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-gfx/gthumb-3.10.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-20326">CVE-2019-20326</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-08T01:58:55Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-08T04:18:29Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-06.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-06.xml
new file mode 100644
index 0000000000..56806d91c7
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-06.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-06">
+  <title>iproute2: Denial of service</title>
+  <synopsis>A use-after-free was found in iproute2, possibly allowing a Denial
+    of Service condition. 
+  </synopsis>
+  <product type="ebuild">iproute2</product>
+  <announced>2020-08-08</announced>
+  <revised count="1">2020-08-08</revised>
+  <bug>722144</bug>
+  <access>remote</access>
+  <affected>
+    <package name="sys-apps/iproute2" auto="yes" arch="*">
+      <unaffected range="ge">5.1.0</unaffected>
+      <vulnerable range="lt">5.1.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>iproute2 is a set of tools for managing Linux network routing and
+      advanced features.
+    </p>
+  </background>
+  <description>
+    <p>iproute2 was found to contain a use-after-free in get_netnsid_from_name
+      in ip/ipnetns.c.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker, able to feed iproute2 crafted data, may be able to
+      cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All iproute2 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-apps/iproute2-5.1.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-20795">CVE-2019-20795</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-03T07:01:06Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-08T04:18:42Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-07.xml
new file mode 100644
index 0000000000..9105017da9
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-07.xml
@@ -0,0 +1,80 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-07">
+  <title>Chromium, Google Chrome: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Chromium and Google
+    Chrome, the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">chromium,google-chrome</product>
+  <announced>2020-08-12</announced>
+  <revised count="1">2020-08-12</revised>
+  <bug>736659</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-client/chromium" auto="yes" arch="*">
+      <unaffected range="ge">84.0.4147.125</unaffected>
+      <vulnerable range="lt">84.0.4147.125</vulnerable>
+    </package>
+    <package name="www-client/google-chrome" auto="yes" arch="*">
+      <unaffected range="ge">84.0.4147.125</unaffected>
+      <vulnerable range="lt">84.0.4147.125</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Chromium is an open-source browser project that aims to build a safer,
+      faster, and more stable way for all users to experience the web.
+    </p>
+    
+    <p>Google Chrome is one fast, simple, and secure browser for all your
+      devices.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Chromium and Google
+      Chrome. Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Chromium users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/chromium-84.0.4147.125"
+    </code>
+    
+    <p>All Google Chrome users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/google-chrome-84.0.4147.125"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6542">CVE-2020-6542</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6543">CVE-2020-6543</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6544">CVE-2020-6544</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6545">CVE-2020-6545</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6547">CVE-2020-6547</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6548">CVE-2020-6548</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6549">CVE-2020-6549</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6550">CVE-2020-6550</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6551">CVE-2020-6551</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6552">CVE-2020-6552</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6553">CVE-2020-6553</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6554">CVE-2020-6554</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6555">CVE-2020-6555</uri>
+    <uri link="https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop_27.html">
+      Upstream advisory
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-11T22:31:50Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-12T06:05:51Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-08.xml
new file mode 100644
index 0000000000..52d74e6941
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-08.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-08">
+  <title>Mozilla Network Security Service (NSS): Multiple vulnerabilities</title>
+  <synopsis>NSS has multiple information disclosure vulnerabilities when
+    handling secret key material.
+  </synopsis>
+  <product type="ebuild">nss</product>
+  <announced>2020-08-19</announced>
+  <revised count="1">2020-08-19</revised>
+  <bug>734986</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-libs/nss" auto="yes" arch="*">
+      <unaffected range="ge">3.55</unaffected>
+      <vulnerable range="lt">3.55</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The Mozilla Network Security Service (NSS) is a library implementing
+      security features like SSL v.2/v.3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS
+      #12, S/MIME and X.509 certificates.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in NSS. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>An attacker may be able to obtain information about secret key material.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All NSS users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-libs/nss-3.55"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12400">CVE-2020-12400</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12401">CVE-2020-12401</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12403">CVE-2020-12403</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-15T02:24:22Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-19T11:08:43Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-09.xml
new file mode 100644
index 0000000000..b70ae35ee7
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-09.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-09">
+  <title>Shadow: Privilege escalation</title>
+  <synopsis>Multiple Shadow utilities were installed with setuid permissions,
+    allowing possible root privilege escalation.
+  </synopsis>
+  <product type="ebuild">shadow</product>
+  <announced>2020-08-25</announced>
+  <revised count="1">2020-08-25</revised>
+  <bug>702252</bug>
+  <access>local</access>
+  <affected>
+    <package name="sys-apps/shadow" auto="yes" arch="*">
+      <unaffected range="ge">4.8-r3</unaffected>
+      <vulnerable range="lt">4.8-r3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Shadow is a set of tools to deal with user accounts.</p>
+  </background>
+  <description>
+    <p>When Shadow was installed with the PAM use flag, setuid binaries
+      provided by Shadow were not properly restricted.
+    </p>
+  </description>
+  <impact type="high">
+    <p>A local attacker could escalate privileges to root.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Shadow users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-apps/shadow-4.8-r3"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-19882">CVE-2019-19882</uri>
+    <uri link="https://github.com/shadow-maint/shadow/pull/199">Upstream
+      mitigation
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-24T00:55:20Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-25T12:51:43Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-10.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-10.xml
new file mode 100644
index 0000000000..4dd751b4bc
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-10.xml
@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-10">
+  <title>Chromium, Google Chrome: Heap buffer overflow</title>
+  <synopsis>
+    A vulnerablity has been found in Chromium and Google Chrome that could
+    allow a remote attacker to execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">chromium,google-chrome</product>
+  <announced>2020-08-25</announced>
+  <revised count="1">2020-08-25</revised>
+  <bug>737942</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-client/chromium" auto="yes" arch="*">
+      <unaffected range="ge">84.0.4147.135</unaffected>
+      <vulnerable range="lt">84.0.4147.135</vulnerable>
+    </package>
+    <package name="www-client/google-chrome" auto="yes" arch="*">
+      <unaffected range="ge">84.0.4147.135</unaffected>
+      <vulnerable range="lt">84.0.4147.135</vulnerable>
+    </package>
+  </affected>
+  <background>
+    
+    <p>Chromium is an open-source browser project that aims to build a safer,
+      faster, and more stable way for all users to experience the web.
+    </p>
+    
+    <p>Google Chrome is one fast, simple, and secure browser for all your
+      devices.
+    </p>
+  </background>
+  <description>
+    <p>A buffer overflow has been discovered in Chromium and Google Chrome’s
+      SwiftShader component.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker, by enticing a user to visit a specially crafted
+      website, could execute arbitrary code with the privileges of the process.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Chromium users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/chromium-84.0.4147.135"
+    </code>
+    
+    <p>All Google Chrome users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/google-chrome-84.0.4147.135"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6556">CVE-2020-6556</uri>
+    <uri link="https://chromereleases.googleblog.com/2020/08/stable-channel-update-for-desktop_18.html">
+      Upstream advisory
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-24T00:46:35Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-25T12:53:21Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-11.xml
new file mode 100644
index 0000000000..41360a2fea
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-11.xml
@@ -0,0 +1,80 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-11">
+  <title>Chromium, Google Chrome: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Chromium and Google
+    Chrome, the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">chromium,google-chrome</product>
+  <announced>2020-08-26</announced>
+  <revised count="1">2020-08-26</revised>
+  <bug>738998</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="www-client/chromium" auto="yes" arch="*">
+      <unaffected range="ge">85.0.4183.83</unaffected>
+      <vulnerable range="lt">85.0.4183.83</vulnerable>
+    </package>
+    <package name="www-client/google-chrome" auto="yes" arch="*">
+      <unaffected range="ge">85.0.4183.83</unaffected>
+      <vulnerable range="lt">85.0.4183.83</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Chromium is an open-source browser project that aims to build a safer,
+      faster, and more stable way for all users to experience the web.
+    </p>
+    
+    <p>Google Chrome is one fast, simple, and secure browser for all your
+      devices.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Chromium and Google
+      Chrome. Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Chromium users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/chromium-85.0.4183.83"
+    </code>
+    
+    <p>All Google Chrome users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/google-chrome-85.0.4183.83"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6559">CVE-2020-6559</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6560">CVE-2020-6560</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6561">CVE-2020-6561</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6562">CVE-2020-6562</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6563">CVE-2020-6563</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6564">CVE-2020-6564</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6565">CVE-2020-6565</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6566">CVE-2020-6566</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6567">CVE-2020-6567</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6568">CVE-2020-6568</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6569">CVE-2020-6569</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6570">CVE-2020-6570</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6571">CVE-2020-6571</uri>
+    <uri link="https://chromereleases.googleblog.com/2020/08/stable-channel-update-for-desktop_25.html">
+      Upstream advisory
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-25T22:23:14Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-26T21:30:54Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-12.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-12.xml
new file mode 100644
index 0000000000..cdcf07b143
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-12.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-12">
+  <title>Net-SNMP: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Net-SNMP, the worst of
+    which could result in privilege escalation.
+  </synopsis>
+  <product type="ebuild">Net-SNMP</product>
+  <announced>2020-08-26</announced>
+  <revised count="1">2020-08-26</revised>
+  <bug>729610</bug>
+  <bug>734994</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="net-analyzer/net-snmp" auto="yes" arch="*">
+      <unaffected range="ge">5.8.1_pre1</unaffected>
+      <vulnerable range="lt">5.8.1_pre1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Net-SNMP bundles software for generating and retrieving SNMP data.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Net-SNMP. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Net-SNMP users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=net-analyzer/net-snmp-5.8.1_pre1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-20892">CVE-2019-20892</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15861">CVE-2020-15861</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15862">CVE-2020-15862</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-24T01:05:52Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-26T21:31:52Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-13.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-13.xml
new file mode 100644
index 0000000000..a55d622083
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-13.xml
@@ -0,0 +1,85 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-13">
+  <title>PostgreSQL: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in PostgreSQL, the worst
+    of which could result in privilege escalation.
+  </synopsis>
+  <product type="ebuild">postgresql</product>
+  <announced>2020-08-26</announced>
+  <revised count="1">2020-08-26</revised>
+  <bug>737032</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-db/postgresql" auto="yes" arch="*">
+      <unaffected range="ge" slot="9.5">9.5.23</unaffected>
+      <unaffected range="ge" slot="9.6">9.6.19</unaffected>
+      <unaffected range="ge" slot="10">10.14</unaffected>
+      <unaffected range="ge" slot="11">11.9</unaffected>
+      <unaffected range="ge" slot="12">12.4</unaffected>
+      <vulnerable range="lt" slot="9.5">9.5.23</vulnerable>
+      <vulnerable range="lt" slot="9.6">9.6.19</vulnerable>
+      <vulnerable range="lt" slot="10">10.14</vulnerable>
+      <vulnerable range="lt" slot="11">11.9</vulnerable>
+      <vulnerable range="lt" slot="12">12.4</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>PostgreSQL is an open source object-relational database management
+      system.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in PostgreSQL. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All PostgreSQL 9.5 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/postgresql-9.5.23:9.5"
+    </code>
+    
+    <p>All PostgreSQL 9.6 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/postgresql-9.6.19:9.6"
+    </code>
+    
+    <p>All PostgreSQL 10 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/postgresql-10.14:10"
+    </code>
+    
+    <p>All PostgreSQL 11 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/postgresql-11.9:11"
+    </code>
+    
+    <p>All PostgreSQL 12 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/postgresql-12.4:12"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14349">CVE-2020-14349</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14350">CVE-2020-14350</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-24T15:56:48Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-26T21:32:33Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-14.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-14.xml
new file mode 100644
index 0000000000..e7a8b15cd1
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-14.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-14">
+  <title>Wireshark: Denial of service</title>
+  <synopsis>A vulnerability in Wireshark could lead to a Denial of Service
+    condition.
+  </synopsis>
+  <product type="ebuild">wireshark</product>
+  <announced>2020-08-26</announced>
+  <revised count="1">2020-08-26</revised>
+  <bug>736914</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="net-analyzer/wireshark" auto="yes" arch="*">
+      <unaffected range="ge">3.2.6</unaffected>
+      <vulnerable range="lt">3.2.6</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Wireshark is a network protocol analyzer formerly known as ethereal.</p>
+  </background>
+  <description>
+    <p>A double free error was discovered in Wireshark’s Kafka dissector.</p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could exploit these vulnerabilities by sending a
+      malformed packet or enticing a user to read a malformed packet trace
+      file, causing a Denial of Service.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Wireshark users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-analyzer/wireshark-3.2.6"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-17498">CVE-2020-17498</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-26T14:35:43Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-26T21:33:02Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-15.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-15.xml
new file mode 100644
index 0000000000..20e4c75b7c
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-15.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-15">
+  <title>Docker: Information disclosure</title>
+  <synopsis>A flaw in Docker allowed possible information leakage.</synopsis>
+  <product type="ebuild">docker</product>
+  <announced>2020-08-26</announced>
+  <revised count="1">2020-08-26</revised>
+  <bug>729208</bug>
+  <access>local</access>
+  <affected>
+    <package name="app-emulation/docker" auto="yes" arch="*">
+      <unaffected range="ge">19.03.12</unaffected>
+      <vulnerable range="lt">19.03.12</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Docker is the world’s leading software containerization platform.</p>
+  </background>
+  <description>
+    <p>It was found that Docker created network bridges which by default accept
+      IPv6 router advertisements.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>An attacker who gained access to a container with CAP_NET_RAW capability
+      may be able to to spoof router advertisements, resulting in information
+      disclosure or denial of service.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Docker users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-emulation/docker-19.03.12"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13401">CVE-2020-13401</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-26T14:40:16Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-26T21:33:28Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-16.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-16.xml
new file mode 100644
index 0000000000..7ffbf3730c
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-16.xml
@@ -0,0 +1,96 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-16">
+  <title>Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Mozilla Firefox and
+    Mozilla Thunderbird, the worst of which could result in the arbitrary
+    execution of code.
+  </synopsis>
+  <product type="ebuild">firefox,thunderbird</product>
+  <announced>2020-08-27</announced>
+  <revised count="1">2020-08-27</revised>
+  <bug>739006</bug>
+  <bug>739164</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="www-client/firefox" auto="yes" arch="*">
+      <unaffected range="ge">68.12.0</unaffected>
+      <vulnerable range="lt">68.12.0</vulnerable>
+    </package>
+    <package name="www-client/firefox-bin" auto="yes" arch="*">
+      <unaffected range="ge">68.12.0</unaffected>
+      <vulnerable range="lt">68.12.0</vulnerable>
+    </package>
+    <package name="mail-client/thunderbird" auto="yes" arch="*">
+      <unaffected range="ge">68.12.0</unaffected>
+      <vulnerable range="lt">68.12.0</vulnerable>
+    </package>
+    <package name="mail-client/thunderbird-bin" auto="yes" arch="*">
+      <unaffected range="ge">68.12.0</unaffected>
+      <vulnerable range="lt">68.12.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mozilla Firefox is a popular open-source web browser from the Mozilla
+      Project.
+    </p>
+    
+    <p>Mozilla Thunderbird is a popular open-source email client from the
+      Mozilla project.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Mozilla Firefox and
+      Mozilla Thunderbird. Please review the CVE identifiers referenced below
+      for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Firefox users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-68.12.0"
+    </code>
+    
+    <p>All Firefox binary users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-bin-68.12.0"
+    </code>
+    
+    <p>All Thunderbird users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/thunderbird-68.12.0"
+    </code>
+    
+    <p>All Thunderbird binary users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=mail-client/thunderbird-bin-68.12.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15664">CVE-2020-15664</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15669">CVE-2020-15669</uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2020-37/">
+      Upstream advisory (MFSA-2020-37)
+    </uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2020-40/">
+      Upstream advisory (MFSA-2020-38)
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-25T22:21:54Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-27T00:54:51Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-17.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-17.xml
new file mode 100644
index 0000000000..dc913a9dec
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-17.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-17">
+  <title>Redis: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Redis, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">redis</product>
+  <announced>2020-08-27</announced>
+  <revised count="1">2020-08-27</revised>
+  <bug>633824</bug>
+  <bug>724776</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-db/redis" auto="yes" arch="*">
+      <unaffected range="ge">5.0.9</unaffected>
+      <vulnerable range="lt">5.0.9</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Redis is an open source (BSD licensed), in-memory data structure store,
+      used as a database, cache and message broker.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Redis. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Redis users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/redis-5.0.9"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-15047">CVE-2017-15047</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14147">CVE-2020-14147</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-07-26T15:46:59Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-27T23:54:53Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-18.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-18.xml
new file mode 100644
index 0000000000..5989b06e8b
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-18.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-18">
+  <title>X.Org X11 library: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in X.org X11 library, the
+    worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">xorg x11 library</product>
+  <announced>2020-08-27</announced>
+  <revised count="1">2020-08-27</revised>
+  <bug>734974</bug>
+  <bug>738984</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="x11-libs/libX11" auto="yes" arch="*">
+      <unaffected range="ge">1.6.12</unaffected>
+      <vulnerable range="lt">1.6.12</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>X.Org is an implementation of the X Window System. The X.Org X11 library
+      provides the X11 protocol library files.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in X.org X11 library.
+      Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All X.org X11 library users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=x11-libs/libX11-1.6.12"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14344">CVE-2020-14344</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14363">CVE-2020-14363</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-25T22:22:34Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-27T23:55:44Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-19.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-19.xml
new file mode 100644
index 0000000000..c19d5d126c
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-19.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-19">
+  <title>BIND: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in BIND, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">bind</product>
+  <announced>2020-08-29</announced>
+  <revised count="1">2020-08-29</revised>
+  <bug>738250</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-dns/bind" auto="yes" arch="*">
+      <unaffected range="ge">9.16.6</unaffected>
+      <vulnerable range="lt">9.16.6</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>BIND (Berkeley Internet Name Domain) is a Name Server.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in BIND. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All BIND users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-dns/bind-9.16.6"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8620">CVE-2020-8620</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8621">CVE-2020-8621</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8622">CVE-2020-8622</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8623">CVE-2020-8623</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8624">CVE-2020-8624</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-29T20:46:51Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-29T22:10:45Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-20.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-20.xml
new file mode 100644
index 0000000000..58f28b0be4
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-20.xml
@@ -0,0 +1,71 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-20">
+  <title>GPL Ghostscript: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in GPL Ghostscript, the
+    worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">ghostscript</product>
+  <announced>2020-08-29</announced>
+  <revised count="1">2020-08-29</revised>
+  <bug>734322</bug>
+  <access>remote</access>
+  <affected>
+    <package name="app-text/ghostscript-gpl" auto="yes" arch="*">
+      <unaffected range="ge">9.52</unaffected>
+      <vulnerable range="lt">9.52</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Ghostscript is an interpreter for the PostScript language and for PDF.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in GPL Ghostscript. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All GPL Ghostscript users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-text/ghostscript-gpl-9.52"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15900">CVE-2020-15900</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16287">CVE-2020-16287</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16288">CVE-2020-16288</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16289">CVE-2020-16289</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16290">CVE-2020-16290</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16291">CVE-2020-16291</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16292">CVE-2020-16292</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16293">CVE-2020-16293</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16294">CVE-2020-16294</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16295">CVE-2020-16295</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16296">CVE-2020-16296</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16297">CVE-2020-16297</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16298">CVE-2020-16298</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16299">CVE-2020-16299</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16300">CVE-2020-16300</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16301">CVE-2020-16301</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16302">CVE-2020-16302</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16303">CVE-2020-16303</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16304">CVE-2020-16304</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16305">CVE-2020-16305</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16306">CVE-2020-16306</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16307">CVE-2020-16307</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16308">CVE-2020-16308</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16309">CVE-2020-16309</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16310">CVE-2020-16310</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-17538">CVE-2020-17538</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-29T18:24:31Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-29T22:11:16Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-21.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-21.xml
new file mode 100644
index 0000000000..95b86052c0
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-21.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-21">
+  <title>Kleopatra: Remote code execution</title>
+  <synopsis>A vulnerability in Kleopatra allows arbitrary execution of code.</synopsis>
+  <product type="ebuild">kleopatra</product>
+  <announced>2020-08-30</announced>
+  <revised count="1">2020-08-30</revised>
+  <bug>739556</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="kde-apps/kleopatra" auto="yes" arch="*">
+      <unaffected range="ge">20.04.3-r1</unaffected>
+      <vulnerable range="lt">20.04.3-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Kleopatra is a certificate manager and a universal crypto GUI. It
+      supports managing X.509 and OpenPGP certificates in the GpgSM keybox and
+      retrieving certificates from LDAP servers.
+    </p>
+  </background>
+  <description>
+    <p>Kleopatra did not safely escape command line parameters provided by
+      URLs, which it configures itself to handle.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to process a specially crafted URL
+      via openpgp4fpr handler, possibly resulting in execution of arbitrary
+      code with the privileges of the process, or cause a Denial of Service
+      condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Kleopatra users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=kde-apps/kleopatra-20.04.3-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-24972">CVE-2020-24972</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-30T18:54:35Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-30T21:04:03Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-22.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-22.xml
new file mode 100644
index 0000000000..acef962fdf
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-22.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-22">
+  <title>targetcli-fb: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in targetcli-fb, the worst
+    of which could result in privilege escalation.
+  </synopsis>
+  <product type="ebuild">targetcli-fb</product>
+  <announced>2020-08-30</announced>
+  <revised count="1">2020-08-30</revised>
+  <bug>736086</bug>
+  <access>local</access>
+  <affected>
+    <package name="sys-block/targetcli-fb" auto="yes" arch="*">
+      <unaffected range="ge">2.1.53</unaffected>
+      <vulnerable range="lt">2.1.53</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Tool for managing the Linux LIO kernel target.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in targetcli-fb. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All targetcli-fb users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-block/targetcli-fb-2.1.53"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-10699">CVE-2020-10699</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13867">CVE-2020-13867</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-29T02:17:40Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-30T21:08:50Z">b-man</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-23.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-23.xml
new file mode 100644
index 0000000000..c4ea9bb571
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-23.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-23">
+  <title>chrony: Symlink vulnerability</title>
+  <synopsis>A vulnerability in chrony may allow a privileged attacker to cause
+    data loss via a symlink.
+  </synopsis>
+  <product type="ebuild">chrony</product>
+  <announced>2020-08-30</announced>
+  <revised count="1">2020-08-30</revised>
+  <bug>738154</bug>
+  <access>local</access>
+  <affected>
+    <package name="net-misc/chrony" auto="yes" arch="*">
+      <unaffected range="ge">3.5.1</unaffected>
+      <vulnerable range="lt">3.5.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>chrony is a versatile implementation of the Network Time Protocol (NTP).</p>
+  </background>
+  <description>
+    <p>It was found that chrony did not check whether its PID file was a
+      symlink.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A local attacker could perform symlink attack(s) to overwrite arbitrary
+      files with root privileges.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All chrony users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-misc/chrony-3.5.1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14367">CVE-2020-14367</uri>
+    <uri link="https://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2020/08/msg00000.html">
+      chrony-3.5.1 release announcement
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-25T23:32:37Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-30T21:09:20Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-24.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-24.xml
new file mode 100644
index 0000000000..a8c11cd49f
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202008-24.xml
@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202008-24">
+  <title>OpenJDK: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in OpenJDK, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">openjdk</product>
+  <announced>2020-08-30</announced>
+  <revised count="1">2020-08-30</revised>
+  <bug>732624</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-java/openjdk" auto="yes" arch="*">
+      <unaffected range="ge" slot="8">8.262_p01</unaffected>
+      <vulnerable range="lt" slot="8">8.262_p01</vulnerable>
+    </package>
+    <package name="dev-java/openjdk-bin" auto="yes" arch="*">
+      <unaffected range="ge" slot="8">8.262_p01</unaffected>
+      <vulnerable range="lt" slot="8">8.262_p01</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>OpenJDK is a free and open-source implementation of the Java Platform,
+      Standard Edition.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in OpenJDK. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All OpenJDK users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-java/openjdk-8.262_p01"
+    </code>
+    
+    <p>All OpenJDK binary users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-java/openjdk-bin-8.262_p01"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14556">CVE-2020-14556</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14562">CVE-2020-14562</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14573">CVE-2020-14573</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14578">CVE-2020-14578</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14579">CVE-2020-14579</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14583">CVE-2020-14583</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14593">CVE-2020-14593</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14621">CVE-2020-14621</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-26T14:46:09Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-08-30T21:12:11Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-01.xml
new file mode 100644
index 0000000000..0bb5e7ea2a
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-01.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202009-01">
+  <title>GnuTLS: Denial of service</title>
+  <synopsis>A flaw was found in GnuTLS, possibly allowing a Denial of Service
+    condition. 
+  </synopsis>
+  <product type="ebuild">gnutls</product>
+  <announced>2020-09-06</announced>
+  <revised count="1">2020-09-06</revised>
+  <bug>740390</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="net-libs/gnutls" auto="yes" arch="*">
+      <unaffected range="ge">3.6.15</unaffected>
+      <vulnerable range="lt">3.6.15</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>GnuTLS is an Open Source implementation of the TLS and SSL protocols.</p>
+  </background>
+  <description>
+    <p>It was found that GnuTLS didn’t handle “no_renegotiation” alert
+      properly.
+    </p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker could entice a user to connect to a malicious TLS
+      endpoint using an application linked against GnuTLS, possibly resulting
+      in a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All GnuTLS users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-libs/gnutls-3.6.15"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-24659">CVE-2020-24659</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-09-05T22:09:30Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-09-06T00:19:19Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-02.xml
new file mode 100644
index 0000000000..72f3601248
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-02.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202009-02">
+  <title>Dovecot: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Dovecot, the worst of
+    which could allow remote attackers to cause a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">dovecot</product>
+  <announced>2020-09-06</announced>
+  <revised count="1">2020-09-06</revised>
+  <bug>736617</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-mail/dovecot" auto="yes" arch="*">
+      <unaffected range="ge">2.3.11.3</unaffected>
+      <vulnerable range="lt">2.3.11.3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Dovecot is an open source IMAP and POP3 email server.</p>
+  </background>
+  <description>
+    <p>It was discovered that Dovecot incorrectly handled deeply nested MIME
+      parts, incorrectly handled memory when using NTLM, and incorrectly
+      handled zero-length messages.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could send a specially crafted mail or send specially
+      crafted authentication requests possibly resulting in a Denial of Service
+      condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Dovecot users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-mail/dovecot-2.3.11.3"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12100">CVE-2020-12100</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12673">CVE-2020-12673</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12674">CVE-2020-12674</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-09-06T00:07:17Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-09-06T00:20:00Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-03.xml
new file mode 100644
index 0000000000..fe967a8a1e
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-03.xml
@@ -0,0 +1,68 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202009-03">
+  <title>Chromium, Google Chrome: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Chromium and Google
+    Chrome, the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">chromium,google-chrome</product>
+  <announced>2020-09-10</announced>
+  <revised count="1">2020-09-10</revised>
+  <bug>741312</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="www-client/chromium" auto="yes" arch="*">
+      <unaffected range="ge">85.0.4183.102</unaffected>
+      <vulnerable range="lt">85.0.4183.102</vulnerable>
+    </package>
+    <package name="www-client/google-chrome" auto="yes" arch="*">
+      <unaffected range="ge">85.0.4183.102</unaffected>
+      <vulnerable range="lt">85.0.4183.102</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Chromium is an open-source browser project that aims to build a safer,
+      faster, and more stable way for all users to experience the web.
+    </p>
+    
+    <p>Google Chrome is one fast, simple, and secure browser for all your
+      devices.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Chromium and Google
+      Chrome. Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Chromium users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/chromium-85.0.4183.102"
+    </code>
+    
+    <p>All Google Chrome users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/google-chrome-85.0.4183.102"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15959">CVE-2020-15959</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6573">CVE-2020-6573</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6575">CVE-2020-6575</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6576">CVE-2020-6576</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-09-08T19:09:18Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-09-10T00:02:20Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-04.xml
new file mode 100644
index 0000000000..c3a3e40d2d
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-04.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202009-04">
+  <title>Qt GUI: Buffer overflow</title>
+  <synopsis>Qt GUI has a buffer overflow with unspecified impact.</synopsis>
+  <product type="ebuild">qtgui</product>
+  <announced>2020-09-13</announced>
+  <revised count="1">2020-09-13</revised>
+  <bug>736924</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-qt/qtgui" auto="yes" arch="*">
+      <unaffected range="ge">5.14.2-r1</unaffected>
+      <vulnerable range="lt">5.14.2-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The GUI module and platform plugins for the Qt5 framework.</p>
+  </background>
+  <description>
+    <p>It was discovered that Qt GUI’s XBM parser did not properly handle X
+      BitMap files.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Qt GUI users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-qt/qtgui-5.14.2-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-17507">CVE-2020-17507</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-09-13T22:36:51Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-09-13T23:24:26Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-05.xml
new file mode 100644
index 0000000000..6ae334f3e7
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-05.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202009-05">
+  <title>GStreamer RTSP Server: Denial of service</title>
+  <synopsis>A vulnerability in GStreamer RTSP Server could lead to a Denial of
+    Service condition.
+  </synopsis>
+  <product type="ebuild">gst-rtsp-server</product>
+  <announced>2020-09-13</announced>
+  <revised count="1">2020-09-13</revised>
+  <bug>715100</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="media-libs/gst-rtsp-server" auto="yes" arch="*">
+      <unaffected range="ge">1.16.2</unaffected>
+      <vulnerable range="lt">1.16.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>RTSP server library based on GStreamer.</p>
+  </background>
+  <description>
+    <p>It was discovered that GStreamer RTSP Server did not properly handle
+      authentication.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker, by sending specially crafted authentication requests,
+      could possibly cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All GStreamer RTSP Server users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=media-libs/gst-rtsp-server-1.16.2"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6095">CVE-2020-6095</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-09-13T22:27:11Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-09-13T23:24:44Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-06.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-06.xml
new file mode 100644
index 0000000000..4b5a2bdb63
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-06.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202009-06">
+  <title>GNOME File Roller: Directory traversal</title>
+  <synopsis>A vulnerability in GNOME File Roller could lead to a directory
+    traversal attack.
+  </synopsis>
+  <product type="ebuild">file-roller</product>
+  <announced>2020-09-13</announced>
+  <revised count="1">2020-09-13</revised>
+  <bug>717362</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="app-arch/file-roller" auto="yes" arch="*">
+      <unaffected range="ge">3.36.3</unaffected>
+      <vulnerable range="lt">3.36.3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>File Roller is an archive manager for the GNOME desktop environment.</p>
+  </background>
+  <description>
+    <p>It was discovered that GNOME File Roller incorrectly handled symlinks.</p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All GNOME File Roller users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-arch/file-roller-3.36.3"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11736">CVE-2020-11736</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-09-13T22:21:19Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-09-13T23:25:31Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-07.xml
new file mode 100644
index 0000000000..7722f78909
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-07.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202009-07">
+  <title>Perl DBI: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in the Perl module DBI,
+    the worst of which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">dbi</product>
+  <announced>2020-09-13</announced>
+  <revised count="1">2020-09-13</revised>
+  <bug>732636</bug>
+  <access>local</access>
+  <affected>
+    <package name="dev-perl/DBI" auto="yes" arch="*">
+      <unaffected range="ge">1.643.0</unaffected>
+      <vulnerable range="lt">1.643.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>A database access module for the Perl programming language.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in the Perl module DBI.
+      Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Perl DBI module users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-perl/DBI-1.643.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14392">CVE-2020-14392</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14393">CVE-2020-14393</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-09-13T21:54:26Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-09-13T23:26:05Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-08.xml
new file mode 100644
index 0000000000..f955577511
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-08.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202009-08">
+  <title>GNOME Shell: Information disclosure</title>
+  <synopsis>An information disclosure vulnerability in GNOME Shell might allow
+    local attackers to obtain sensitive information.
+  </synopsis>
+  <product type="ebuild">gnome-shell</product>
+  <announced>2020-09-13</announced>
+  <revised count="1">2020-09-13</revised>
+  <bug>736802</bug>
+  <access>local</access>
+  <affected>
+    <package name="gnome-base/gnome-shell" auto="yes" arch="*">
+      <unaffected range="ge">3.34.5-r1</unaffected>
+      <vulnerable range="lt">3.34.5-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>GNOME Shell provides core user interface functions for the GNOME 3
+      desktop, like switching to windows and launching applications.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that GNOME Shell incorrectly handled the login screen
+      password dialog.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All GNOME Shell users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=gnome-base/gnome-shell-3.34.5-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-17489">CVE-2020-17489</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-09-13T22:02:20Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-09-13T23:26:21Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-09.xml
new file mode 100644
index 0000000000..4716f54af8
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-09.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202009-09">
+  <title>Nextcloud Desktop Sync client: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Nextcloud Desktop Sync
+    client, the worst of which may allow execution of arbitrary code.
+  </synopsis>
+  <product type="ebuild">nextcloud-client</product>
+  <announced>2020-09-13</announced>
+  <revised count="1">2020-09-13</revised>
+  <bug>736649</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-misc/nextcloud-client" auto="yes" arch="*">
+      <unaffected range="ge">2.6.5</unaffected>
+      <vulnerable range="lt">2.6.5</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Nextcloud Desktop Sync client can synchronize one or more directories to
+      Nextcloud server.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Nextcloud Desktop Sync
+      client. Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Nextcloud Desktop Sync client users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-misc/nextcloud-client-2.6.5"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8189">CVE-2020-8189</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8224">CVE-2020-8224</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8227">CVE-2020-8227</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-09-12T20:28:32Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-09-13T23:26:38Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-10.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-10.xml
new file mode 100644
index 0000000000..3ff0e04b33
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-10.xml
@@ -0,0 +1,67 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202009-10">
+  <title>PHP: Denial of service</title>
+  <synopsis>A vulnerabilities in PHP could lead to a Denial of Service
+    condition.
+  </synopsis>
+  <product type="ebuild">PHP</product>
+  <announced>2020-09-13</announced>
+  <revised count="1">2020-09-13</revised>
+  <bug>736158</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-lang/php" auto="yes" arch="*">
+      <unaffected range="ge" slot="7.2">7.2.33</unaffected>
+      <unaffected range="ge" slot="7.3">7.3.21</unaffected>
+      <unaffected range="ge" slot="7.4">7.4.9</unaffected>
+      <vulnerable range="lt" slot="7.2">7.2.33</vulnerable>
+      <vulnerable range="lt" slot="7.3">7.3.21</vulnerable>
+      <vulnerable range="lt" slot="7.4">7.4.9</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>PHP is an open source general-purpose scripting language that is
+      especially suited for web development.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that PHP did not properly handle PHAR files.</p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker could entice a user to open a specially crafted PHAR
+      file using PHP, possibly allowing attacker to obtain sensitive
+      information or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All PHP 7.2 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/php-7.2.33"
+    </code>
+    
+    <p>All PHP 7.3 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/php-7.3.21"
+    </code>
+    
+    <p>All PHP 7.4 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/php-7.4.9"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-7068">CVE-2020-7068</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-09-12T20:12:49Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-09-13T23:26:59Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-11.xml
new file mode 100644
index 0000000000..0db2968196
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-11.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202009-11">
+  <title>ProFTPD: Denial of service</title>
+  <synopsis>A vulnerability in ProFTPD could lead to a Denial of Service
+    condition.
+  </synopsis>
+  <product type="ebuild">proftpd</product>
+  <announced>2020-09-13</announced>
+  <revised count="1">2020-09-13</revised>
+  <bug>733376</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="net-ftp/proftpd" auto="yes" arch="*">
+      <unaffected range="ge">1.3.7a</unaffected>
+      <vulnerable range="lt">1.3.7a</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>ProFTPD is an advanced and very configurable FTP server.</p>
+  </background>
+  <description>
+    <p>It was found that ProFTPD did not properly handle invalid SCP commands.</p>
+  </description>
+  <impact type="low">
+    <p>An authenticated remote attacker could issue invalid SCP commands,
+      possibly resulting in  a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All ProFTPD users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-ftp/proftpd-1.3.7a"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://github.com/proftpd/proftpd/issues/1043">Invalid SCP
+      command leads to null pointer dereference
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-09-12T20:04:18Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-09-13T23:27:17Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-12.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-12.xml
new file mode 100644
index 0000000000..a298602604
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-12.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202009-12">
+  <title>ZeroMQ: Denial of service</title>
+  <synopsis>A vulnerability in ZeroMQ could lead to a Denial of Service
+    condition.
+  </synopsis>
+  <product type="ebuild">zeromq</product>
+  <announced>2020-09-13</announced>
+  <revised count="1">2020-09-13</revised>
+  <bug>740574</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="net-libs/zeromq" auto="yes" arch="*">
+      <unaffected range="ge">4.3.3</unaffected>
+      <vulnerable range="lt">4.3.3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Looks like an embeddable networking library but acts like a concurrency
+      framework.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that ZeroMQ does not properly handle connecting peers
+      before a handshake is completed.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>An unauthenticated remote attacker able to connect to a ZeroMQ endpoint,
+      even with CURVE encryption/authentication enabled, can cause a Denial of
+      Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All ZeroMQ users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-libs/zeromq-4.3.3"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15166">CVE-2020-15166</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-09-12T19:44:05Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-09-13T23:27:38Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-13.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-13.xml
new file mode 100644
index 0000000000..163c6c7718
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-13.xml
@@ -0,0 +1,74 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202009-13">
+  <title>Chromium, Google Chrome: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Chromiun and Google
+    Chrome, the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">chromium,google-chrome</product>
+  <announced>2020-09-29</announced>
+  <revised count="1">2020-09-29</revised>
+  <bug>744007</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-client/chromium" auto="yes" arch="*">
+      <unaffected range="ge">85.0.4183.121</unaffected>
+      <vulnerable range="lt">85.0.4183.121</vulnerable>
+    </package>
+    <package name="www-client/google-chrome" auto="yes" arch="*">
+      <unaffected range="ge">85.0.4183.121</unaffected>
+      <vulnerable range="lt">85.0.4183.121</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Chromium is an open-source browser project that aims to build a safer,
+      faster, and more stable way for all users to experience the web.
+    </p>
+    
+    <p>Google Chrome is one fast, simple, and secure browser for all your
+      devices.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Chromium and Google
+      Chrome. Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Chromium users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/chromium-85.0.4183.121"
+    </code>
+    
+    <p>All Google Chrome users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/google-chrome-85.0.4183.121"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15960">CVE-2020-15960</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15961">CVE-2020-15961</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15962">CVE-2020-15962</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15963">CVE-2020-15963</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15964">CVE-2020-15964</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15965">CVE-2020-15965</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15966">CVE-2020-15966</uri>
+    <uri link="https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html">
+      Upstream advisory
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-09-23T03:40:44Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-09-29T18:05:33Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-14.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-14.xml
new file mode 100644
index 0000000000..e7f29aeae1
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-14.xml
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202009-14">
+  <title>Xen: Buffer overflow</title>
+  <synopsis>A buffer overflow in Xen might allow remote attacker(s) to execute
+    arbitrary code.
+  </synopsis>
+  <product type="ebuild">xen</product>
+  <announced>2020-09-29</announced>
+  <revised count="1">2020-09-29</revised>
+  <bug>738040</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="app-emulation/xen" auto="yes" arch="*">
+      <unaffected range="ge">4.13.1-r3</unaffected>
+      <vulnerable range="lt">4.13.1-r3</vulnerable>
+    </package>
+    <package name="app-emulation/xen-tools" auto="yes" arch="*">
+      <unaffected range="ge">4.13.1-r3</unaffected>
+      <vulnerable range="lt">4.13.1-r3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Xen is a bare-metal hypervisor.</p>
+  </background>
+  <description>
+    <p>An out-of-bounds read/write access issue was found in the USB emulator
+      when using QEMU.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could possibly execute arbitrary code with the
+      privileges of the process or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Xen users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-emulation/xen-4.13.1-r3"
+    </code>
+    
+    <p>All Xen tools users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=app-emulation/xen-tools-4.13.1-r3"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14364">CVE-2020-14364</uri>
+    <uri link="https://xenbits.xen.org/xsa/advisory-335.html">XSA-335</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-09-23T03:24:25Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-09-29T18:05:39Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-15.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-15.xml
new file mode 100644
index 0000000000..8fb1616dfe
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-15.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202009-15">
+  <title>libuv: Buffer overflow</title>
+  <synopsis>A buffer overflow in libuv might allow remote attacker(s) to
+    execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">libuv</product>
+  <announced>2020-09-29</announced>
+  <revised count="1">2020-09-29</revised>
+  <bug>742890</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-libs/libuv" auto="yes" arch="*">
+      <unaffected range="ge">1.39.0</unaffected>
+      <vulnerable range="lt">1.39.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>libuv is a multi-platform support library with a focus on asynchronous
+      I/O.
+    </p>
+  </background>
+  <description>
+    <p>libuv used an incorrect buffer size for paths, causing a buffer
+      overflow.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could possibly execute arbitrary code with the
+      privileges of the process, or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All libuv users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-libs/libuv-1.39.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8252">CVE-2020-8252</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-09-23T13:49:20Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-09-29T18:05:50Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-16.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-16.xml
new file mode 100644
index 0000000000..f58afe91c7
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-16.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202009-16">
+  <title>LinuxCIFS: Shell injection</title>
+  <synopsis>A vulnerability in LinuxCIFS may allow a remote code execution via
+    a command line option.
+  </synopsis>
+  <product type="ebuild">LinuxCIFS</product>
+  <announced>2020-09-29</announced>
+  <revised count="1">2020-09-29</revised>
+  <bug>743211</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-fs/cifs-utils" auto="yes" arch="*">
+      <unaffected range="ge">6.11</unaffected>
+      <vulnerable range="lt">6.11</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The LinuxCIFS utils are a collection of tools for managing Linux CIFS
+      Client Filesystems.
+    </p>
+  </background>
+  <description>
+    <p>The mount.cifs utility had a shell injection issue where one can embed
+      shell commands via the username mount option. Those commands will be run
+      via popen() in the context of the user calling mount.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to use a specially crafted
+      argument using mount.cifs, possibly resulting in execution of arbitrary
+      code with the privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All LinuxCIFS users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-fs/cifs-utils-6.11"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14342">CVE-2020-14342</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-09-20T13:02:21Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-09-29T18:06:06Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-17.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-17.xml
new file mode 100644
index 0000000000..408f401fbb
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-17.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202009-17">
+  <title>gpsd: Arbitrary code execution</title>
+  <synopsis>A vulnerability in gpsd could allow remote code execution.</synopsis>
+  <product type="ebuild">gpsd</product>
+  <announced>2020-09-29</announced>
+  <revised count="1">2020-09-29</revised>
+  <bug>743766</bug>
+  <access>remote</access>
+  <affected>
+    <package name="sci-geosciences/gpsd" auto="yes" arch="*">
+      <unaffected range="ge">3.18</unaffected>
+      <vulnerable range="lt">3.18</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>gpsd is a GPS daemon and library for USB/serial GPS devices and
+      GPS/mapping clients.
+    </p>
+  </background>
+  <description>
+    <p>A stack-based buffer overflow was discovered in gpsd on port 2947/TCP or
+      crafted JSON inputs.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could possibly execute arbitrary code with the
+      privileges of the process, or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All gpsd users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sci-geosciences/gpsd-3.18"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-17937">CVE-2018-17937</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-09-25T20:46:53Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-09-29T18:06:31Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-18.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-18.xml
new file mode 100644
index 0000000000..024a1e62ea
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202009-18.xml
@@ -0,0 +1,71 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202009-18">
+  <title>Bitcoin: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Bitcoin, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">bitcoin</product>
+  <announced>2020-09-30</announced>
+  <revised count="1">2020-09-30</revised>
+  <bug>711198</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-p2p/bitcoind" auto="yes" arch="*">
+      <unaffected range="ge">0.20.1</unaffected>
+      <vulnerable range="lt">0.20.1</vulnerable>
+    </package>
+    <package name="net-p2p/bitcoin-qt" auto="yes" arch="*">
+      <unaffected range="ge">0.20.1</unaffected>
+      <vulnerable range="lt">0.20.1</vulnerable>
+    </package>
+    <package name="net-p2p/bitcoin-cli" auto="yes" arch="*">
+      <unaffected range="ge">0.20.1</unaffected>
+      <vulnerable range="lt">0.20.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Bitcoin Core consists of both “full-node” software for fully
+      validating the blockchain as well as a bitcoin wallet.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Bitcoin. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All bitcoind users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-p2p/bitcoind-0.20.1"
+    </code>
+    
+    <p>All bitcoin-qt users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-p2p/bitcoin-qt-0.20.1"
+    </code>
+    
+    <p>All bitcoin-cli users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-p2p/bitcoin-cli-0.20.1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-15947">CVE-2019-15947</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14198">CVE-2020-14198</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-09-18T00:17:00Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-09-30T00:20:42Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-01.xml
new file mode 100644
index 0000000000..855bac0279
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-01.xml
@@ -0,0 +1,92 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202010-01">
+  <title>Chromium, Google Chrome: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Chromium and Google
+    Chrome, the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">chromium, google-chrome</product>
+  <announced>2020-10-17</announced>
+  <revised count="1">2020-10-17</revised>
+  <bug>747013</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="www-client/chromium" auto="yes" arch="*">
+      <unaffected range="ge">86.0.4240.75</unaffected>
+      <vulnerable range="lt">86.0.4240.75</vulnerable>
+    </package>
+    <package name="www-client/google-chrome" auto="yes" arch="*">
+      <unaffected range="ge">86.0.4240.75</unaffected>
+      <vulnerable range="lt">86.0.4240.75</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Chromium is an open-source browser project that aims to build a safer,
+      faster, and more stable way for all users to experience the web.
+    </p>
+    
+    <p>Google Chrome is one fast, simple, and secure browser for all your
+      devices.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Chromium and Google
+      Chrome. Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Chromium users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/chromium-86.0.4240.75"
+    </code>
+    
+    <p>All Google Chrome users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/google-chrome-86.0.4240.75"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15967">CVE-2020-15967</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15968">CVE-2020-15968</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15969">CVE-2020-15969</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15970">CVE-2020-15970</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15971">CVE-2020-15971</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15972">CVE-2020-15972</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15973">CVE-2020-15973</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15974">CVE-2020-15974</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15975">CVE-2020-15975</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15976">CVE-2020-15976</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15977">CVE-2020-15977</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15978">CVE-2020-15978</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15979">CVE-2020-15979</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15980">CVE-2020-15980</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15981">CVE-2020-15981</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15982">CVE-2020-15982</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15983">CVE-2020-15983</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15984">CVE-2020-15984</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15985">CVE-2020-15985</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15986">CVE-2020-15986</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15987">CVE-2020-15987</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15988">CVE-2020-15988</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15989">CVE-2020-15989</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15990">CVE-2020-15990</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15991">CVE-2020-15991</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15992">CVE-2020-15992</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6557">CVE-2020-6557</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-10-08T02:31:49Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-10-17T09:03:37Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-02.xml
new file mode 100644
index 0000000000..e67ad5cb89
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-02.xml
@@ -0,0 +1,121 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202010-02">
+  <title>Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Mozilla Firefox and
+    Mozilla Thunderbird, the worst of which could result in the arbitrary
+    execution of code.
+  </synopsis>
+  <product type="ebuild">firefox,thunderbird</product>
+  <announced>2020-10-17</announced>
+  <revised count="1">2020-10-17</revised>
+  <bug>744208</bug>
+  <bug>745432</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="www-client/firefox" auto="yes" arch="*">
+      <unaffected range="ge">81.0</unaffected>
+      <unaffected range="ge" slot="0/esr78">78.3.0</unaffected>
+      <vulnerable range="lt">81.0</vulnerable>
+    </package>
+    <package name="www-client/firefox-bin" auto="yes" arch="*">
+      <unaffected range="ge">81.0</unaffected>
+      <unaffected range="ge" slot="0/esr78">78.3.0</unaffected>
+      <vulnerable range="lt">81.0</vulnerable>
+    </package>
+    <package name="mail-client/thunderbird" auto="yes" arch="*">
+      <unaffected range="ge">78.3.1</unaffected>
+      <vulnerable range="lt">78.3.1</vulnerable>
+    </package>
+    <package name="mail-client/thunderbird-bin" auto="yes" arch="*">
+      <unaffected range="ge">78.3.1</unaffected>
+      <vulnerable range="lt">78.3.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mozilla Firefox is a popular open-source web browser from the Mozilla
+      project.
+    </p>
+    
+    <p>Mozilla Thunderbird is a popular open-source email client from the
+      Mozilla project.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Mozilla Firefox and
+      Mozilla Thunderbird. Please review the CVE identifiers referenced below
+      for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mozilla Firefox users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-81.0"
+    </code>
+    
+    <p>All Mozilla Firefox (bin) users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-bin-81.0"
+    </code>
+    
+    <p>All Mozilla Firefox ESR (bin) users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-78.3.0"
+    </code>
+    
+    <p>All Mozilla Firefox ESR (bin) users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-bin-78.3.0"
+    </code>
+    
+    <p>All Mozilla Thunderbird users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/thunderbird-78.3.1"
+    </code>
+    
+    <p>All Mozilla Thunderbird (bin) users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=mail-client/thunderbird-bin-78.3.1"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15673">CVE-2020-15673</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15676">CVE-2020-15676</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15677">CVE-2020-15677</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15678">CVE-2020-15678</uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2020-43/">
+      Mozilla Foundation Security Advisory 2020-43
+    </uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2020-44/">
+      Mozilla Foundation Security Advisory 2020-44
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-10-03T20:27:12Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-10-17T09:03:41Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-03.xml
new file mode 100644
index 0000000000..192d449c53
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-03.xml
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202010-03">
+  <title>libjpeg-turbo: Information disclosure</title>
+  <synopsis>An information disclosure vulnerability in libjpeg-turbo allow
+    remote attackers to obtain sensitive information.
+  </synopsis>
+  <product type="ebuild">libjpeg-turbo</product>
+  <announced>2020-10-20</announced>
+  <revised count="1">2020-10-20</revised>
+  <bug>727010</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="media-libs/libjpeg-turbo" auto="yes" arch="*">
+      <unaffected range="ge" slot="0/0.1">1.5.3-r3</unaffected>
+      <unaffected range="ge" slot="0/0.2">2.0.4-r1</unaffected>
+      <vulnerable range="lt">2.0.4-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>libjpeg-turbo is a MMX, SSE, and SSE2 SIMD accelerated JPEG library.</p>
+  </background>
+  <description>
+    <p>It was discovered that libjpeg-turbo incorrectly handled certain PPM
+      files.
+    </p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker could entice a user to open a specially crafted PPM
+      file using an application linked against libjpeg-turbo, possibly allowing
+      attacker to obtain sensitive information.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All libjpeg-turbo 1.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=media-libs/libjpeg-turbo-1.5.3-r3:0/0.1"
+    </code>
+    
+    <p>All libjpeg-turbo 2.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=media-libs/libjpeg-turbo-2.0.4-r1:0/0.2"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13790">CVE-2020-13790</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-08T04:33:31Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-10-20T10:43:26Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-04.xml
new file mode 100644
index 0000000000..78c3523463
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-04.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202010-04">
+  <title>libxml2: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in libxml2, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">libxml2</product>
+  <announced>2020-10-20</announced>
+  <revised count="1">2020-10-20</revised>
+  <bug>710748</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-libs/libxml2" auto="yes" arch="*">
+      <unaffected range="ge">2.9.10</unaffected>
+      <vulnerable range="lt">2.9.10</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>libxml2 is the XML (eXtended Markup Language) C parser and toolkit
+      initially developed for the Gnome project.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in libxml2. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All libxml2 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-libs/libxml2-2.9.10"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-20388">CVE-2019-20388</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-7595">CVE-2020-7595</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-10-02T01:04:31Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-10-20T10:44:05Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-05.xml
new file mode 100644
index 0000000000..06ea01608c
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-05.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202010-05">
+  <title>LibRaw: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in LibRaw, the worst of
+    which may allow attackers to execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">libraw</product>
+  <announced>2020-10-20</announced>
+  <revised count="1">2020-10-20</revised>
+  <bug>744190</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="media-libs/libraw" auto="yes" arch="*">
+      <unaffected range="ge">0.20.0</unaffected>
+      <vulnerable range="lt">0.20.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>LibRaw is a library for reading RAW files obtained from digital photo
+      cameras.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in LibRaw. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted image
+      file using an application linked against LibRaw, possibly resulting in
+      execution of arbitrary code with the privileges of the process or a
+      Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All LibRaw users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-libs/libraw-0.20.0"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-24889">CVE-2020-24889</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-24890">CVE-2020-24890</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-10-03T15:57:15Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-10-20T10:44:44Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-06.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-06.xml
new file mode 100644
index 0000000000..6996a19ab1
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-06.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202010-06">
+  <title>Ark: Arbitrary code execution</title>
+  <synopsis>Ark was found to allow arbitrary file overwrite, possibly allowing
+    arbitrary code execution.
+  </synopsis>
+  <product type="ebuild">ark</product>
+  <announced>2020-10-20</announced>
+  <revised count="1">2020-10-20</revised>
+  <bug>743959</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="kde-apps/ark" auto="yes" arch="*">
+      <unaffected range="ge">20.04.3-r2</unaffected>
+      <vulnerable range="lt">20.04.3-r2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Ark is a graphical file compression/decompression utility with support
+      for multiple formats.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that Ark incorrectly handled symbolic links in tar
+      archive files.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted
+      archive using Ark, possibly resulting in execution of arbitrary code with
+      the privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All KDE Ark users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=kde-apps/ark-20.04.3-r2"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-24654">CVE-2020-24654</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-10-02T23:33:15Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-10-20T10:45:10Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-07.xml
new file mode 100644
index 0000000000..8e52bf4fa5
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-07.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202010-07">
+  <title>FreeType: Arbitrary code execution</title>
+  <synopsis>A buffer overflow in FreeType might allow remote attacker(s) to
+    execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">freetype</product>
+  <announced>2020-10-23</announced>
+  <revised count="1">2020-10-23</revised>
+  <bug>750275</bug>
+  <access>remote</access>
+  <affected>
+    <package name="media-libs/freetype" auto="yes" arch="*">
+      <unaffected range="ge">2.10.3-r1</unaffected>
+      <vulnerable range="lt">2.10.3-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>FreeType is a high-quality and portable font engine.</p>
+  </background>
+  <description>
+    <p>A flaw in FreeType’s handling of embedded PNG bitmaps was discovered
+      where the image height and width was not checked to be within bounds.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted font
+      file using FreeType possibly resulting in the execution of arbitrary code
+      with the privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All FreeType users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-libs/freetype-2.10.3-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15999">CVE-2020-15999</uri>
+    <uri link="https://savannah.nongnu.org/bugs/?59308">Upstream bug</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-10-20T09:45:14Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-10-23T03:42:18Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-08.xml
new file mode 100644
index 0000000000..f206b1a074
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202010-08.xml
@@ -0,0 +1,120 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202010-08">
+  <title>Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Mozilla Firefox and
+    Mozilla Thunderbird, the worst of which could result in the arbitrary
+    execution of code.
+  </synopsis>
+  <product type="ebuild">firefox,thunderbird</product>
+  <announced>2020-10-28</announced>
+  <revised count="1">2020-10-28</revised>
+  <bug>750446</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="www-client/firefox" auto="yes" arch="*">
+      <unaffected range="ge">82.0</unaffected>
+      <unaffected range="ge" slot="0/esr78">78.4.0</unaffected>
+      <vulnerable range="lt">82.0</vulnerable>
+    </package>
+    <package name="www-client/firefox-bin" auto="yes" arch="*">
+      <unaffected range="ge">82.0</unaffected>
+      <unaffected range="ge" slot="0/esr78">78.4.0</unaffected>
+      <vulnerable range="lt">82.0</vulnerable>
+    </package>
+    <package name="mail-client/thunderbird" auto="yes" arch="*">
+      <unaffected range="ge">78.4.0</unaffected>
+      <vulnerable range="lt">78.4.0</vulnerable>
+    </package>
+    <package name="mail-client/thunderbird-bin" auto="yes" arch="*">
+      <unaffected range="ge">78.4.0</unaffected>
+      <vulnerable range="lt">78.4.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mozilla Firefox is a popular open-source web browser from the Mozilla
+      project.
+    </p>
+    
+    <p>Mozilla Thunderbird is a popular open-source email client from the
+      Mozilla project.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Mozilla Firefox and
+      Mozilla Thunderbird. Please review the CVE identifiers referenced below
+      for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mozilla Firefox users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-82.0"
+    </code>
+    
+    <p>All Mozilla Firefox (bin) users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-bin-82.0"
+    </code>
+    
+    <p>All Mozilla Firefox ESR users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/firefox-78.4.0:0/esr78"
+    </code>
+    
+    <p>All Mozilla Firefox ESR (bin) users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/firefox-bin-78.4.0:0/esr78"
+    </code>
+    
+    <p>All Mozilla Thunderbird users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/thunderbird-78.4.0"
+    </code>
+    
+    <p>All Mozilla Thunderbird (bin) users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=mail-client/thunderbird-bin-78.4.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15683">CVE-2020-15683</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15969">CVE-2020-15969</uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2020-45/">
+      MFSA-2020-45
+    </uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2020-46/">
+      MFSA-2020-46
+    </uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2020-47/">
+      MFSA-2020-47
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-10-22T14:24:38Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-10-28T00:27:33Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-01.xml
new file mode 100644
index 0000000000..8050a84cb5
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-01.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202011-01">
+  <title>BlueZ: Arbitrary code execution</title>
+  <synopsis>A vulnerability in BlueZ might allow remote attackers to execute
+    arbitrary code.
+  </synopsis>
+  <product type="ebuild">bluez</product>
+  <announced>2020-11-03</announced>
+  <revised count="1">2020-11-03</revised>
+  <bug>749285</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-wireless/bluez" auto="yes" arch="*">
+      <unaffected range="ge">5.55</unaffected>
+      <vulnerable range="lt">5.55</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Set of tools to manage Bluetooth devices for Linux.</p>
+  </background>
+  <description>
+    <p>It was discovered that there was a double-free vulnerability in Bluez
+      after the service discovery which occurs after a Bluetoth Low Energy
+      (BLE) connection has been established to a device.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker, by enticing a user to connect to a malicious GATT
+      server or device, could cause the execution of arbitrary code with the
+      privileges of the user running gatttool client or cause a Denial of
+      Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All BlueZ users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-wireless/bluez-5.55"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27153">CVE-2020-27153</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-10-20T10:51:04Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-11-03T00:32:28Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-02.xml
new file mode 100644
index 0000000000..b718c8d628
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-02.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202011-02">
+  <title>OpenDMARC: Heap-based buffer overflow</title>
+  <synopsis>A heap-based buffer overflow in OpenDMARC might allow remote
+    attackers to execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">opendmarc</product>
+  <announced>2020-11-03</announced>
+  <revised count="1">2020-11-03</revised>
+  <bug>734158</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="mail-filter/opendmarc" auto="yes" arch="*">
+      <unaffected range="ge">1.3.3</unaffected>
+      <vulnerable range="lt">1.3.3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>OpenDMARC is an open source DMARC implementation.</p>
+  </background>
+  <description>
+    <p>It was found that OpenDMARC did not properly handle DMARC aggregate
+      reports.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker, by sending a specially crafted DMARC aggregate
+      report, could possibly cause a Denial of Service condition and depending
+      on how OpenDMARC library is used in linked application execute arbitrary
+      code with the privileges of the process.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All OpenDMARC users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-filter/opendmarc-1.3.3"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12460">CVE-2020-12460</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-10-15T18:55:45Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-11-03T00:33:08Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-03.xml
new file mode 100644
index 0000000000..e1b7742733
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-03.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202011-03">
+  <title>KPMCore: Root privilege escalation</title>
+  <synopsis>A vulnerability in kpmcore could result in privilege escalation.</synopsis>
+  <product type="ebuild">kpmcore</product>
+  <announced>2020-11-03</announced>
+  <revised count="1">2020-11-03</revised>
+  <bug>749822</bug>
+  <access>local</access>
+  <affected>
+    <package name="sys-libs/kpmcore" auto="yes" arch="*">
+      <unaffected range="ge">4.2.0</unaffected>
+      <vulnerable range="lt">4.2.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>KPMcore, the KDE Partition Manager core, is a library for examining and
+      modifying partitions, disk devices, and filesystems on a Linux system. It
+      provides a unified programming interface over top of (external)
+      system-manipulation tools.
+    </p>
+  </background>
+  <description>
+    <p>Improper checks on the D-Bus request received resulted in improper
+      protection for /etc/fstab.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>An attacker could esclate privileges to root by exploiting this
+      vulnerability.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All KPMCore users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-libs/kpmcore-4.2.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27187">CVE-2020-27187</uri>
+    <uri link="https://mail.kde.org/pipermail/kde-announce/2020-October/000124.html">
+      Upstream advisory
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-10-23T04:10:26Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-11-03T00:33:42Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-04.xml
new file mode 100644
index 0000000000..6cef70d8b7
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-04.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202011-04">
+  <title>Fossil: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Fossil, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">fossil</product>
+  <announced>2020-11-03</announced>
+  <revised count="1">2020-11-03</revised>
+  <bug>738220</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-vcs/fossil" auto="yes" arch="*">
+      <unaffected range="ge">2.12.1</unaffected>
+      <vulnerable range="lt">2.12.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Fossil is a simple, high-reliability, distributed software configuration
+      management system.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Fossil. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted
+      repository using Fossil, possibly resulting in execution of arbitrary
+      code with the privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Fossil users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-vcs/fossil-2.12.1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-24614">CVE-2020-24614</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-10-04T13:56:09Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-11-03T00:34:02Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-05.xml
new file mode 100644
index 0000000000..e33d8909d0
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-05.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202011-05">
+  <title>libssh: Denial of service</title>
+  <synopsis>A vulnerability in libssh could lead to a Denial of Service
+    condition.
+  </synopsis>
+  <product type="ebuild">libssh</product>
+  <announced>2020-11-03</announced>
+  <revised count="1">2020-11-03</revised>
+  <bug>734624</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-libs/libssh" auto="yes" arch="*">
+      <unaffected range="ge">0.9.5</unaffected>
+      <vulnerable range="lt">0.9.5</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>libssh is a multiplatform C library implementing the SSHv2 protocol on
+      client and server side.
+    </p>
+  </background>
+  <description>
+    <p>libssh was found to have a NULL pointer dereference in tftpserver.c if
+      the function ssh_buffer_new returns NULL.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>An attacker could cause a possible Denial of Service condition.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All libssh users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-libs/libssh-0.9.5"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16135">CVE-2020-16135</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-10-15T18:56:19Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-11-03T00:34:45Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-06.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-06.xml
new file mode 100644
index 0000000000..f3f187929c
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-06.xml
@@ -0,0 +1,78 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202011-06">
+  <title>Xen: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Xen, the worst of which
+    could result in privilege escalation.
+  </synopsis>
+  <product type="ebuild">xen</product>
+  <announced>2020-11-11</announced>
+  <revised count="3">2020-11-11</revised>
+  <bug>744202</bug>
+  <bug>750779</bug>
+  <bug>753692</bug>
+  <access>remote</access>
+  <affected>
+    <package name="app-emulation/xen" auto="yes" arch="*">
+      <unaffected range="ge">4.13.2</unaffected>
+      <vulnerable range="lt">4.13.2</vulnerable>
+    </package>
+    <package name="app-emulation/xen-tools" auto="yes" arch="*">
+      <unaffected range="ge">4.13.2</unaffected>
+      <vulnerable range="lt">4.13.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Xen is a bare-metal hypervisor.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Xen. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Xen users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-emulation/xen-4.13.1-r5"
+    </code>
+    
+    <p>All Xen Tools users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=app-emulation/xen-tools-4.13.1-r5"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25595">CVE-2020-25595</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25596">CVE-2020-25596</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25597">CVE-2020-25597</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25598">CVE-2020-25598</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25599">CVE-2020-25599</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25600">CVE-2020-25600</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25601">CVE-2020-25601</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25602">CVE-2020-25602</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25603">CVE-2020-25603</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25604">CVE-2020-25604</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27670">CVE-2020-27670</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27671">CVE-2020-27671</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27672">CVE-2020-27672</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27673">CVE-2020-27673</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27674">CVE-2020-27674</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27675">CVE-2020-27675</uri>
+    <uri link="https://xenbits.xen.org/xsa/advisory-345.html">XSA-345</uri>
+    <uri link="https://xenbits.xen.org/xsa/advisory-346.html">XSA-346</uri>
+    <uri link="https://xenbits.xen.org/xsa/advisory-347.html">XSA-347</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-10-23T04:14:51Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-11-11T03:40:50Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-07.xml
new file mode 100644
index 0000000000..19e8efe6d6
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-07.xml
@@ -0,0 +1,84 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202011-07">
+  <title>Mozilla Firefox: Remote code execution</title>
+  <synopsis>A use-after-free in Mozilla Firefox might allow remote attacker(s)
+    to execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">firefox</product>
+  <announced>2020-11-11</announced>
+  <revised count="1">2020-11-11</revised>
+  <bug>753773</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-client/firefox" auto="yes" arch="*">
+      <unaffected range="ge">82.0.3</unaffected>
+      <unaffected range="ge" slot="0/esr78">78.4.1</unaffected>
+      <vulnerable range="lt">82.0.3</vulnerable>
+    </package>
+    <package name="www-client/firefox-bin" auto="yes" arch="*">
+      <unaffected range="ge">82.0.3</unaffected>
+      <unaffected range="ge" slot="0/esr78">78.4.1</unaffected>
+      <vulnerable range="lt">78.4.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mozilla Firefox is a popular open-source web browser from the Mozilla
+      project.
+    </p>
+  </background>
+  <description>
+    <p>Invalid assumptions when emitting the the MCallGetProperty opcode in the
+      JavaScript JIT may result in a use-after-free condition.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could possibly execute arbitrary code with the
+      privileges of the process, or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mozilla Firefox users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-82.0.3"
+    </code>
+    
+    <p>All Mozilla Firefox (bin) users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/firefox-bin-78.4.1:0/esr78"
+    </code>
+    
+    <p>All Mozilla Firefox (ESR) users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-82.0.3"
+    </code>
+    
+    <p>All Mozilla Firefox (ESR) bin users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/firefox-bin-78.4.1:0/esr78"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26950">CVE-2020-26950</uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/">
+      MFSA-2020-49
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-09T20:03:19Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-11-11T03:36:43Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-08.xml
new file mode 100644
index 0000000000..c91c014dc5
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-08.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202011-08">
+  <title>Wireshark: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Wireshark, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">wireshark</product>
+  <announced>2020-11-11</announced>
+  <revised count="1">2020-11-11</revised>
+  <bug>750692</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-analyzer/wireshark" auto="yes" arch="*">
+      <unaffected range="ge">3.4.0</unaffected>
+      <vulnerable range="lt">3.4.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Wireshark is a network protocol analyzer formerly known as ethereal.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Wireshark. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Wireshark users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-analyzer/wireshark-3.4.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26575">CVE-2020-26575</uri>
+    <uri link="https://www.wireshark.org/security/wnpa-sec-2020-14">
+      wnpa-sec-2020-14
+    </uri>
+    <uri link="https://www.wireshark.org/security/wnpa-sec-2020-15">
+      wnpa-sec-2020-15
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-08T10:31:07Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-11-11T03:36:48Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-09.xml
new file mode 100644
index 0000000000..fba58488bd
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-09.xml
@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202011-09">
+  <title>QEMU: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in QEMU, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">qemu</product>
+  <announced>2020-11-11</announced>
+  <revised count="1">2020-11-11</revised>
+  <bug>720896</bug>
+  <bug>725634</bug>
+  <bug>743649</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="app-emulation/qemu" auto="yes" arch="*">
+      <unaffected range="ge">5.1.0-r1</unaffected>
+      <vulnerable range="lt">5.1.0-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>QEMU is a generic and open source machine emulator and virtualizer.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in QEMU. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All QEMU users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-emulation/qemu-5.1.0-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-10717">CVE-2020-10717</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-10761">CVE-2020-10761</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13253">CVE-2020-13253</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13361">CVE-2020-13361</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13362">CVE-2020-13362</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13659">CVE-2020-13659</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13754">CVE-2020-13754</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13791">CVE-2020-13791</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13800">CVE-2020-13800</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14364">CVE-2020-14364</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-07T02:00:43Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-11-11T03:36:56Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-10.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-10.xml
new file mode 100644
index 0000000000..3126f1b174
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-10.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202011-10">
+  <title>tmux: Buffer overflow</title>
+  <synopsis>A buffer overflow in tmux might allow remote attacker(s) to execute
+    arbitrary code.
+  </synopsis>
+  <product type="ebuild">tmux</product>
+  <announced>2020-11-11</announced>
+  <revised count="1">2020-11-11</revised>
+  <bug>753206</bug>
+  <access>remote</access>
+  <affected>
+    <package name="app-misc/tmux" auto="yes" arch="*">
+      <unaffected range="ge">3.1c</unaffected>
+      <vulnerable range="lt">3.1c</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>tmux is a terminal multiplexer.</p>
+  </background>
+  <description>
+    <p>A flaw in tmux’s handling of escape characters was discovered which
+      may allow a buffer overflow.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could possibly execute arbitrary code with the
+      privileges of the process, or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All tmux users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-misc/tmux-3.1c"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27347">CVE-2020-27347</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-09T23:15:04Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-11-11T03:36:59Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-11.xml
new file mode 100644
index 0000000000..ee062a5069
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-11.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202011-11">
+  <title>Blueman: Local privilege escalation</title>
+  <synopsis>A privilege escalation vulnerability has been discovered in
+    Blueman.
+  </synopsis>
+  <product type="ebuild">blueman</product>
+  <announced>2020-11-11</announced>
+  <revised count="2">2020-11-11</revised>
+  <bug>751556</bug>
+  <access>local</access>
+  <affected>
+    <package name="net-wireless/blueman" auto="yes" arch="*">
+      <unaffected range="ge">2.1.4</unaffected>
+      <vulnerable range="lt">2.1.4</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Blueman is a simple and intuitive GTK+ Bluetooth Manager.</p>
+  </background>
+  <description>
+    <p>Where Polkit is not used and the default permissions have been changed
+      on a specific rule file, control of a local DHCP daemon may be possible.
+    </p>
+  </description>
+  <impact type="high">
+    <p>A local attacker may be able to achieve root privilege escalation.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Blueman users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-wireless/blueman-2.1.4"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15238">CVE-2020-15238</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-01T02:23:14Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-11-11T03:43:42Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-12.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-12.xml
new file mode 100644
index 0000000000..03f1f501df
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-12.xml
@@ -0,0 +1,73 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202011-12">
+  <title>Chromium, Google Chrome: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Chromium and Google
+    Chrome, the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">chromium,google-chrome</product>
+  <announced>2020-11-11</announced>
+  <revised count="1">2020-11-11</revised>
+  <bug>750854</bug>
+  <bug>752375</bug>
+  <bug>753848</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-client/chromium" auto="yes" arch="*">
+      <unaffected range="ge">86.0.4240.193</unaffected>
+      <vulnerable range="lt">86.0.4240.193</vulnerable>
+    </package>
+    <package name="www-client/google-chrome" auto="yes" arch="*">
+      <unaffected range="ge">86.0.4240.193</unaffected>
+      <vulnerable range="lt">86.0.4240.193</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Chromium is an open-source browser project that aims to build a safer,
+      faster, and more stable way for all users to experience the web.
+    </p>
+    
+    <p>Google Chrome is one fast, simple, and secure browser for all your
+      devices.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Chromium and Google
+      Chrome. Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Chromium users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/chromium-86.0.4240.193"
+    </code>
+    
+    <p>All Google Chrome users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/google-chrome-86.0.4240.193"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15999">CVE-2020-15999</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16004">CVE-2020-16004</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16005">CVE-2020-16005</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16006">CVE-2020-16006</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16008">CVE-2020-16008</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16009">CVE-2020-16009</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16016">CVE-2020-16016</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-10T22:00:45Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-11-11T03:37:14Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-13.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-13.xml
new file mode 100644
index 0000000000..b5f2816077
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-13.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202011-13">
+  <title>Salt: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Salt, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">salt</product>
+  <announced>2020-11-11</announced>
+  <revised count="1">2020-11-11</revised>
+  <bug>753266</bug>
+  <access>remote</access>
+  <affected>
+    <package name="app-admin/salt" auto="yes" arch="*">
+      <unaffected range="ge">3000.5</unaffected>
+      <vulnerable range="lt">3000.5</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Salt is a remote execution and configuration manager.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Salt. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Salt users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-admin/salt-3000.5"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16846">CVE-2020-16846</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-17490">CVE-2020-17490</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25592">CVE-2020-25592</uri>
+    <uri link="https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/">
+      Upstream advisory
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-09T23:14:31Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-11-11T03:38:41Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-14.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-14.xml
new file mode 100644
index 0000000000..2ae7a8c2ec
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-14.xml
@@ -0,0 +1,74 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202011-14">
+  <title>MariaDB: Remote code execution</title>
+  <synopsis>A vulnerability has been discovered in MariaDB which could result
+    in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">mariadb</product>
+  <announced>2020-11-11</announced>
+  <revised count="1">2020-11-11</revised>
+  <bug>747166</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-db/mariadb" auto="yes" arch="*">
+      <unaffected range="ge" slot="10.5">10.5.6</unaffected>
+      <unaffected range="ge" slot="10.4">10.4.13-r3</unaffected>
+      <unaffected range="ge" slot="10.3">10.3.23-r3</unaffected>
+      <unaffected range="ge" slot="10.2">10.2.22-r3</unaffected>
+      <vulnerable range="lt">10.5.6</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>MariaDB is an enhanced, drop-in replacement for MySQL.</p>
+  </background>
+  <description>
+    <p>It was discovered that MariaDB did not properly validate the content of
+      a packet received from a server.
+    </p>
+  </description>
+  <impact type="high">
+    <p>A remote attacker could send a specially crafted packet to WSREP
+      service, possibly resulting in execution of arbitrary code with the
+      privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All MariaDB 10.5.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/mariadb-10.5.6:10.5"
+    </code>
+    
+    <p>All MariaDB 10.4.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/mariadb-10.4.13-r3:10.4"
+    </code>
+    
+    <p>All MariaDB 10.3.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/mariadb-10.3.23-r3:10.3"
+    </code>
+    
+    <p>All MariaDB 10.2.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/mariadb-10.2.22-r3:10.2"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15180">CVE-2020-15180</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-08T21:17:21Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-11-11T03:38:51Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-15.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-15.xml
new file mode 100644
index 0000000000..91f3acadcd
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-15.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202011-15">
+  <title>libmaxminddb: Denial of service</title>
+  <synopsis>A vulnerability in libmaxminddb could lead to a Denial of Service
+    condition.
+  </synopsis>
+  <product type="ebuild">libmaxminddb</product>
+  <announced>2020-11-14</announced>
+  <revised count="1">2020-11-14</revised>
+  <bug>753275</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-libs/libmaxminddb" auto="yes" arch="*">
+      <unaffected range="ge">1.4.3</unaffected>
+      <vulnerable range="lt">1.4.3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The libmaxminddb library provides a C library for reading MaxMind DB
+      files, including the GeoIP2 databases from MaxMind.
+    </p>
+  </background>
+  <description>
+    <p>libmaxminddb used uninitialised memory when reading from a corrupt
+      database file.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to use a specially crafted
+      database with libmaxminddb, possibly resulting in a Denial of Service
+      condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All libmaxminddb users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-libs/libmaxminddb-1.4.3"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28241">CVE-2020-28241</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-12T15:42:40Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-11-14T18:14:48Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-16.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-16.xml
new file mode 100644
index 0000000000..1ffe1738d6
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-16.xml
@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202011-16">
+  <title>Chromium, Google Chrome: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Chromium and Google
+    Chrome, the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">chromium,google-chrome</product>
+  <announced>2020-11-16</announced>
+  <revised count="1">2020-11-16</revised>
+  <bug>754093</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="www-client/chromium" auto="yes" arch="*">
+      <unaffected range="ge">86.0.4240.198</unaffected>
+      <vulnerable range="lt">86.0.4240.198</vulnerable>
+    </package>
+    <package name="www-client/google-chrome" auto="yes" arch="*">
+      <unaffected range="ge">86.0.4240.198</unaffected>
+      <vulnerable range="lt">86.0.4240.198</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Chromium is an open-source browser project that aims to build a safer,
+      faster, and more stable way for all users to experience the web.
+    </p>
+    
+    <p>Google Chrome is one fast, simple, and secure browser for all your
+      devices.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Chromium and Google
+      Chrome. Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Chromium users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/chromium-86.0.4240.198"
+    </code>
+    
+    <p>All Google Chrome users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/google-chrome-86.0.4240.198"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16013">CVE-2020-16013</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16017">CVE-2020-16017</uri>
+    <uri link="https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.html">
+      Google Chrome 86.0.4240.198 release announcement
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-12T12:59:44Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-11-16T02:34:43Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-17.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-17.xml
new file mode 100644
index 0000000000..8de429e1f0
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-17.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202011-17">
+  <title>MIT Kerberos 5: Denial of service</title>
+  <synopsis>A vulnerability in MIT Kerberos 5 could lead to a Denial of Service
+    condition.
+  </synopsis>
+  <product type="ebuild">mit-krb5</product>
+  <announced>2020-11-16</announced>
+  <revised count="1">2020-11-16</revised>
+  <bug>753281</bug>
+  <access>remote</access>
+  <affected>
+    <package name="app-crypt/mit-krb5" auto="yes" arch="*">
+      <unaffected range="ge">1.18.2-r2</unaffected>
+      <vulnerable range="lt">1.18.2-r2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The MIT Kerberos 5 implementation provides a command line telnet client
+      which is used for remote login via the telnet protocol.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that MIT Kerberos network authentication system, krb5,
+      did not properly handle ASN.1-encoded Kerberos messages.
+    </p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker could send a specially crafted Kerberos message,
+      possibly resulting in a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All MIT Kerberos 5 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-crypt/mit-krb5-1.18.2-r2"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28196">CVE-2020-28196</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-13T18:08:33Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-11-16T02:42:29Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-18.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-18.xml
new file mode 100644
index 0000000000..5e570091d3
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-18.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202011-18">
+  <title>Apache Ant: Insecure temporary file</title>
+  <synopsis>Apache Ant uses various insecure temporary files possibly allowing
+    local code execution. 
+  </synopsis>
+  <product type="ebuild">ant</product>
+  <announced>2020-11-16</announced>
+  <revised count="1">2020-11-16</revised>
+  <bug>745768</bug>
+  <access>local</access>
+  <affected>
+    <package name="dev-java/ant" auto="yes" arch="*">
+      <unaffected range="ge">1.10.9</unaffected>
+      <vulnerable range="lt">1.10.9</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Ant is a Java-based build tool similar to ‘make’ that uses XML
+      configuration files.
+    </p>
+  </background>
+  <description>
+    <p>A previous fix for a security vulnerability involving insecure temporary
+      files has been found to be incomplete.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A local attacker could perform symlink attacks to overwrite arbitrary
+      files with the privileges of the user running the application.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Apache Ant users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-java/ant-1.10.9"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11979">CVE-2020-11979</uri>
+    <uri link="https://security.gentoo.org/glsa/202007-34">GLSA-202007-34</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-10-15T12:30:53Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-11-16T02:44:41Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-19.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-19.xml
new file mode 100644
index 0000000000..3f0a5cc981
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202011-19.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202011-19">
+  <title>libexif: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in libexif, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">libexif</product>
+  <announced>2020-11-16</announced>
+  <revised count="1">2020-11-16</revised>
+  <bug>754681</bug>
+  <access>remote</access>
+  <affected>
+    <package name="media-libs/libexif" auto="yes" arch="*">
+      <unaffected range="ge">0.6.22_p20201105</unaffected>
+      <vulnerable range="lt">0.6.22_p20201105</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>libexif is a library for parsing, editing and saving Exif metadata from
+      images.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in libexif. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All libexif users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=media-libs/libexif-0.6.22_p20201105"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-0181">CVE-2020-0181</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-0198">CVE-2020-0198</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-0452">CVE-2020-0452</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-16T19:18:32Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-11-16T20:51:51Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-01.xml
new file mode 100644
index 0000000000..eade9bb0a6
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-01.xml
@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-01">
+  <title>X.Org X Server: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in X.org X Server, the
+    worst of which could lead to privilege escalation.
+  </synopsis>
+  <product type="ebuild">xorg x server</product>
+  <announced>2020-12-07</announced>
+  <revised count="1">2020-12-07</revised>
+  <bug>734976</bug>
+  <bug>757882</bug>
+  <access>local</access>
+  <affected>
+    <package name="x11-base/xorg-server" auto="yes" arch="*">
+      <unaffected range="ge">1.20.10</unaffected>
+      <vulnerable range="lt">1.20.10</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The X Window System is a graphical windowing system based on a
+      client/server model.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in X.org X Server. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>A local attacker could escalate privileges.</p>
+  </workaround>
+  <resolution>
+    <p>All X.org X Server users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=11-base/xorg-server-1.20.10"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14345">CVE-2020-14345</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14346">CVE-2020-14346</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14347">CVE-2020-14347</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14360">CVE-2020-14360</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14361">CVE-2020-14361</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14362">CVE-2020-14362</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25712">CVE-2020-25712</uri>
+    <uri link="https://lists.x.org/archives/xorg-announce/2020-July/003051.html">
+      Upstream advisory (2020-07-31)
+    </uri>
+    <uri link="https://lists.x.org/archives/xorg-announce/2020-August/003058.html">
+      Upstream advisory (2020-08-25)
+    </uri>
+    <uri link="https://lists.x.org/archives/xorg-announce/2020-December/003066.html">
+      Upstream advisory (2020-12-01)
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-08-25T22:22:49Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-12-07T00:18:30Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-02.xml
new file mode 100644
index 0000000000..7ad33f8171
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-02.xml
@@ -0,0 +1,79 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-02">
+  <title>SeaMonkey: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in SeaMonkey, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">seamonkey</product>
+  <announced>2020-12-07</announced>
+  <revised count="1">2020-12-07</revised>
+  <bug>718738</bug>
+  <bug>718746</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="www-client/seamonkey" auto="yes" arch="*">
+      <unaffected range="ge">2.53.5</unaffected>
+      <vulnerable range="lt">2.53.5.1</vulnerable>
+    </package>
+    <package name="www-client/seamonkey-bin" auto="yes" arch="*">
+      <vulnerable range="le">2.49.1_rc2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The SeaMonkey project is a community effort to deliver
+      production-quality releases of code derived from the application formerly
+      known as “Mozilla Application Suite”.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in SeaMonkey. Please
+      review referenced release notes for more details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced release notes for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All SeaMonkey users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/seamonkey-2.53.5.1"
+    </code>
+    
+    <p>Gentoo has discontinued support for the SeaMonkey binary package. We
+      recommend that users unmerge the SeaMonkey binary package:
+    </p>
+    
+    <p># emerge --unmerge “www-client/seamonkey-bin”</p>
+    
+    <p>NOTE: The Gentoo developer(s) maintaining the SeaMonkey binary package
+      have discontinued support at this time. It may be possible that a new
+      Gentoo developer will update it at a later date. The alternative is using
+      the standard SeaMonkey package.
+    </p>
+  </resolution>
+  <references>
+    <uri link="https://www.seamonkey-project.org/releases/seamonkey2.53.2/">
+      SeaMonkey 2.53.2 Release Notes
+    </uri>
+    <uri link="https://www.seamonkey-project.org/releases/seamonkey2.53.3/">
+      SeaMonkey 2.53.3 Release Notes
+    </uri>
+    <uri link="https://www.seamonkey-project.org/releases/seamonkey2.53.4/">
+      SeaMonkey 2.53.4 Release Notes
+    </uri>
+    <uri link="https://www.seamonkey-project.org/releases/seamonkey2.53.5/">
+      SeaMonkey 2.53.5 Release Notes
+    </uri>
+    <uri link="https://www.seamonkey-project.org/releases/seamonkey2.53.5.1/">
+      SeaMonkey 2.53.5.1 Release Notes
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-06-13T16:26:44Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-12-07T00:18:47Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-03.xml
new file mode 100644
index 0000000000..b44b423513
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-03.xml
@@ -0,0 +1,95 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-03">
+  <title>Mozilla Firefox: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Mozilla Firefox, the
+    worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">firefox</product>
+  <announced>2020-12-07</announced>
+  <revised count="1">2020-12-07</revised>
+  <bug>755170</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="www-client/firefox" auto="yes" arch="*">
+      <unaffected range="ge">83</unaffected>
+      <unaffected range="ge" slot="0/esr78">78.5.0</unaffected>
+      <vulnerable range="lt">83</vulnerable>
+    </package>
+    <package name="www-client/firefox-bin" auto="yes" arch="*">
+      <unaffected range="ge">83</unaffected>
+      <unaffected range="ge" slot="0/esr78">78.5.0</unaffected>
+      <vulnerable range="lt">83</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mozilla Firefox is a popular open-source web browser from the Mozilla
+      project.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Mozilla Firefox. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mozilla Firefox users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-83"
+    </code>
+    
+    <p>All Mozilla Firefox binary users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-bin-83"
+    </code>
+    
+    <p>All Mozilla Firefox (ESR) users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/firefox-78.5.0:0/esr78"
+    </code>
+    
+    <p>All Mozilla Firefox (ESR) binary users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/firefox-bin-78.5.0:0/esr78"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/">
+      Mozilla Foundation Security Advisory 2020-51
+    </uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16012">CVE-2020-16012</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26951">CVE-2020-26951</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26953">CVE-2020-26953</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26956">CVE-2020-26956</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26958">CVE-2020-26958</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26959">CVE-2020-26959</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26960">CVE-2020-26960</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26961">CVE-2020-26961</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26965">CVE-2020-26965</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26968">CVE-2020-26968</uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/">
+      Mozilla Foundation Security Advisory 2020-50
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-17T23:17:23Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-12-07T00:18:57Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-04.xml
new file mode 100644
index 0000000000..e0bf6a7a5f
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-04.xml
@@ -0,0 +1,81 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-04">
+  <title>Mozilla Thunderbird: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Mozilla Thunderbird,
+    the worst of which could lead to the execution of arbitrary code.
+  </synopsis>
+  <product type="ebuild">thunderbird</product>
+  <announced>2020-12-07</announced>
+  <revised count="1">2020-12-07</revised>
+  <bug>758857</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="mail-client/thunderbird" auto="yes" arch="*">
+      <unaffected range="ge">78.5.1</unaffected>
+      <vulnerable range="lt">78.5.1</vulnerable>
+    </package>
+    <package name="mail-client/thunderbird-bin" auto="yes" arch="*">
+      <unaffected range="ge">78.5.1</unaffected>
+      <vulnerable range="lt">78.5.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mozilla Thunderbird is a popular open-source email client from the
+      Mozilla project.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Mozilla Thunderbird.
+      Please review the referenced Mozilla Foundation Security Advisories and
+      CVE identifiers below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mozilla Thunderbird users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/thunderbird-78.5.1"
+    </code>
+    
+    <p>All Mozilla Thunderbird binary users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=mail-client/thunderbird-bin-78.5.1"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2020-52/">
+      Mozilla Foundation Security Advisory 2020-52
+    </uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2020-53/#CVE-2020-26970">
+      Mozilla Foundation Security Advisory 2020-53
+    </uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15999">CVE-2020-15999</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16012">CVE-2020-16012</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26951">CVE-2020-26951</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26953">CVE-2020-26953</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26956">CVE-2020-26956</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26958">CVE-2020-26958</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26959">CVE-2020-26959</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26960">CVE-2020-26960</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26961">CVE-2020-26961</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26965">CVE-2020-26965</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26968">CVE-2020-26968</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26970">CVE-2020-26970</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-12-06T23:15:02Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-12-07T00:19:10Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-05.xml
new file mode 100644
index 0000000000..4d9179db4f
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-05.xml
@@ -0,0 +1,92 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-05">
+  <title>Chromium, Google Chrome: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Chromium and Google
+    Chrome, the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">chromium,google-chrome</product>
+  <announced>2020-12-07</announced>
+  <revised count="1">2020-12-07</revised>
+  <bug>755227</bug>
+  <bug>758368</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="www-client/chromium" auto="yes" arch="*">
+      <unaffected range="ge">87.0.4280.88</unaffected>
+      <vulnerable range="lt">87.0.4280.88</vulnerable>
+    </package>
+    <package name="www-client/google-chrome" auto="yes" arch="*">
+      <unaffected range="ge">87.0.4280.88</unaffected>
+      <vulnerable range="lt">87.0.4280.88</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Chromium is an open-source browser project that aims to build a safer,
+      faster, and more stable way for all users to experience the web.
+    </p>
+    
+    <p>Google Chrome is one fast, simple, and secure browser for all your
+      devices.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Chromium and Google
+      Chrome. Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Chromium users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/chromium-87.0.4280.88"
+    </code>
+    
+    <p>All Google Chrome users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/google-chrome-87.0.4280.88"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16014">CVE-2020-16014</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16015">CVE-2020-16015</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16018">CVE-2020-16018</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16019">CVE-2020-16019</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16020">CVE-2020-16020</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16021">CVE-2020-16021</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16022">CVE-2020-16022</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16023">CVE-2020-16023</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16024">CVE-2020-16024</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16025">CVE-2020-16025</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16026">CVE-2020-16026</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16027">CVE-2020-16027</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16028">CVE-2020-16028</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16029">CVE-2020-16029</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16030">CVE-2020-16030</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16031">CVE-2020-16031</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16032">CVE-2020-16032</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16033">CVE-2020-16033</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16034">CVE-2020-16034</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16036">CVE-2020-16036</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16037">CVE-2020-16037</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16038">CVE-2020-16038</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16039">CVE-2020-16039</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16040">CVE-2020-16040</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16041">CVE-2020-16041</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16042">CVE-2020-16042</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-22T03:12:48Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-12-07T00:19:23Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-06.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-06.xml
new file mode 100644
index 0000000000..daa51d1411
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-06.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-06">
+  <title>Linux-PAM: Authentication bypass</title>
+  <synopsis>A vulnerability has been found in Linux-PAM, allowing attackers to
+    bypass the authentication process.
+  </synopsis>
+  <product type="ebuild">pam</product>
+  <announced>2020-12-07</announced>
+  <revised count="1">2020-12-07</revised>
+  <bug>756361</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="sys-libs/pam" auto="yes" arch="*">
+      <unaffected range="ge">1.5.1</unaffected>
+      <vulnerable range="lt">1.5.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Linux-PAM (Pluggable Authentication Modules) is an architecture allowing
+      the separation of the development of privilege granting software from the
+      development of secure and appropriate authentication schemes.
+    </p>
+  </background>
+  <description>
+    <p>A flaw was found in Linux-Pam in the way it handle empty passwords for
+      non-existing users.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker, who only needs to know a non-existing username, could
+      bypass security restrictions and authenticate as root user.
+    </p>
+  </impact>
+  <workaround>
+    <p>Ensure that root account is protected by a non-empty password.</p>
+  </workaround>
+  <resolution>
+    <p>All Linux-PAM users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-libs/pam-1.5.1"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27780">CVE-2020-27780</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-26T02:08:08Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-12-07T00:19:35Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-07.xml
new file mode 100644
index 0000000000..3ce91200d1
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-07.xml
@@ -0,0 +1,94 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-07">
+  <title>PostgreSQL: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in PostgreSQL, the worst
+    of which could result in arbitrary code execution.
+  </synopsis>
+  <product type="ebuild">postgresql</product>
+  <announced>2020-12-07</announced>
+  <revised count="1">2020-12-07</revised>
+  <bug>754363</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-db/postgresql" auto="yes" arch="*">
+      <unaffected range="ge" slot="9.5">9.5.24</unaffected>
+      <unaffected range="ge" slot="9.6">9.6.20</unaffected>
+      <unaffected range="ge" slot="10">10.15</unaffected>
+      <unaffected range="ge" slot="11">11.10</unaffected>
+      <unaffected range="ge" slot="12">12.5</unaffected>
+      <unaffected range="ge" slot="13">13.1</unaffected>
+      <vulnerable range="lt">13.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>PostgreSQL is an open source object-relational database management
+      system.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in PostgreSQL. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could possibly obtain sensitive information, alter SQL
+      commands, escape PostgreSQL sandbox or execute arbitrary code with the
+      privileges of the process.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All PostgreSQL 9.5.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/postgresql-9.5.24:9.5"
+    </code>
+    
+    <p>All PostgreSQL 9.6.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/postgresql-9.6.20:9.6"
+    </code>
+    
+    <p>All PostgreSQL 10.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/postgresql-10.15:10"
+    </code>
+    
+    <p>All PostgreSQL 11.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/postgresql-11.10:11"
+    </code>
+    
+    <p>All PostgreSQL 12.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/postgresql-12.5:12"
+    </code>
+    
+    <p>All PostgreSQL 13.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/postgresql-13.1:13"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25694">CVE-2020-25694</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25695">CVE-2020-25695</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25696">CVE-2020-25696</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-19T19:52:44Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-12-07T00:19:47Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-08.xml
new file mode 100644
index 0000000000..468beb7d8a
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-08.xml
@@ -0,0 +1,74 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-08">
+  <title>MariaDB: Multiple vulnerabilities</title>
+  <synopsis> Multiple vulnerabilities have been found in MariaDB, the worst of
+    which could result in privilege escalation.
+  </synopsis>
+  <product type="ebuild">mariadb</product>
+  <announced>2020-12-07</announced>
+  <revised count="1">2020-12-07</revised>
+  <bug>722782</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-db/mariadb" auto="yes" arch="*">
+      <unaffected range="ge" slot="10.2">10.2.36</unaffected>
+      <unaffected range="ge" slot="10.3">10.3.27</unaffected>
+      <unaffected range="ge" slot="10.4">10.4.17</unaffected>
+      <unaffected range="ge" slot="10.5">10.5.8</unaffected>
+      <vulnerable range="lt">10.5.8</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>MariaDB is an enhanced, drop-in replacement for MySQL.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in MariaDB. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All MariaDB 10.2.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/mariadb-10.2.36:10.2"
+    </code>
+    
+    <p>All MariaDB 10.3.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/mariadb-10.3.27:10.3"
+    </code>
+    
+    <p>All MariaDB 10.4.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/mariadb-10.4.17:10.4"
+    </code>
+    
+    <p>All MariaDB 10.5.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/mariadb-10.5.8:10.5"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2752">CVE-2020-2752</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2760">CVE-2020-2760</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2812">CVE-2020-2812</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2814">CVE-2020-2814</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-10-08T02:32:04Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-12-07T00:20:00Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-09.xml
new file mode 100644
index 0000000000..98367ceec4
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-09.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-09">
+  <title>Cherokee: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Cherokee, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">cherokee</product>
+  <announced>2020-12-23</announced>
+  <revised count="1">2020-12-23</revised>
+  <bug>715204</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-servers/cherokee" auto="yes" arch="*">
+      <vulnerable range="le">1.2.104-r2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Cherokee is an extra-light web server.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Cherokee. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>Gentoo has discontinued support for Cherokee. We recommend that users
+      unmerge package:
+    </p>
+    
+    <code>
+      # emerge --unmerge "www-servers/cherokee"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2006-1681">CVE-2006-1681</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-20798">CVE-2019-20798</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-20799">CVE-2019-20799</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-20800">CVE-2019-20800</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-12845">CVE-2020-12845</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-12-23T16:51:00Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-12-23T19:47:34Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-10.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-10.xml
new file mode 100644
index 0000000000..d3fcad05f7
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-10.xml
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-10">
+  <title>WebkitGTK+: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in WebKitGTK+, the worst
+    of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">webkit-gtk</product>
+  <announced>2020-12-23</announced>
+  <revised count="1">2020-12-23</revised>
+  <bug>755947</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-libs/webkit-gtk" auto="yes" arch="*">
+      <unaffected range="ge">2.30.3</unaffected>
+      <vulnerable range="lt">2.30.3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>WebKitGTK+ is a full-featured port of the WebKit rendering engine,
+      suitable for projects requiring any kind of web integration, from hybrid
+      HTML/CSS applications to full-fledged web browsers.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in WebKitGTK+. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>An attacker, by enticing a user to visit maliciously crafted web
+      content, may be able to execute arbitrary code or cause memory
+      corruption.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All WebkitGTK+ users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-libs/webkit-gtk-2.30.3"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13543">CVE-2020-13543</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13584">CVE-2020-13584</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9948">CVE-2020-9948</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9951">CVE-2020-9951</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9952">CVE-2020-9952</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9983">CVE-2020-9983</uri>
+    <uri link="https://webkitgtk.org/security/WSA-2020-0008.html">WSA-2020-0008</uri>
+    <uri link="https://webkitgtk.org/security/WSA-2020-0009.html">WSA-2020-0009</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-12-22T22:19:16Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-12-23T19:48:49Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-11.xml
new file mode 100644
index 0000000000..f3d69f2db4
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-11.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-11">
+  <title>c-ares: Denial of service</title>
+  <synopsis>A Denial of Service vulnerability was discovered in c-ares.</synopsis>
+  <product type="ebuild">c-ares</product>
+  <announced>2020-12-23</announced>
+  <revised count="1">2020-12-23</revised>
+  <bug>754939</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="net-dns/c-ares" auto="yes" arch="*">
+      <unaffected range="ge">1.17.1</unaffected>
+      <vulnerable range="lt">1.17.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>c-ares is an asynchronous resolver library.</p>
+  </background>
+  <description>
+    <p>It was discovered that c-ares incorrectly handled certain DNS requests.</p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker, able to trigger a DNS request for a host of their
+      choice by an application linked against c-ares, could possibly cause a
+      Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All c-ares users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-dns/c-ares-1.17.1"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8277">CVE-2020-8277</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-12-22T22:25:15Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-12-23T19:49:06Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-12.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-12.xml
new file mode 100644
index 0000000000..ea229f22c9
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-12.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-12">
+  <title>libass: User-assisted execution of arbitrary code</title>
+  <synopsis>A vulnerability has been found in libass that could allow a remote
+    attacker to execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">libass</product>
+  <announced>2020-12-23</announced>
+  <revised count="1">2020-12-23</revised>
+  <bug>746413</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="media-libs/libass" auto="yes" arch="*">
+      <unaffected range="ge">0.15.0</unaffected>
+      <vulnerable range="lt">0.15.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>libass is a portable subtitle renderer for the ASS/SSA (Advanced
+      Substation Alpha/Substation Alpha) subtitle format.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that libass did not properly handle Advanced
+      Substation Alpha/Substation Alpha subtitle format files.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to process an a specially crafted
+      subtitle format file using an application linked against libass, possibly
+      resulting in execution of arbitrary code with the privileges of the
+      process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All libass users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-libs/libass-0.15.0"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26682">CVE-2020-26682</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-12-22T22:35:27Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-12-23T19:52:17Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-13.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-13.xml
new file mode 100644
index 0000000000..5bd290db05
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-13.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-13">
+  <title>OpenSSL: Denial of service</title>
+  <synopsis>A vulnerability in OpenSSL might allow remote attackers to cause a
+    Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">openssl</product>
+  <announced>2020-12-23</announced>
+  <revised count="1">2020-12-23</revised>
+  <bug>759079</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-libs/openssl" auto="yes" arch="*">
+      <unaffected range="ge">1.1.1i</unaffected>
+      <vulnerable range="lt">1.1.1i</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer
+      (SSL v2/v3) and Transport Layer Security (TLS v1/v1.1/v1.2/v1.3) as well
+      as a general purpose cryptography library.
+    </p>
+  </background>
+  <description>
+    <p>A null pointer dereference flaw was found in OpenSSL.</p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker, able to control the arguments of the GENERAL_NAME_cmp
+      function in an application linked against OpenSSL, could possibly cause a
+      Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All OpenSSL users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-libs/openssl-1.1.1i"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-1971">CVE-2020-1971</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-12-22T22:47:12Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-12-23T19:52:34Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-14.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-14.xml
new file mode 100644
index 0000000000..6d7c215154
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-14.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-14">
+  <title>cURL: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in cURL, the worst of
+    which could result in information disclosure or data loss.
+  </synopsis>
+  <product type="ebuild">curl</product>
+  <announced>2020-12-23</announced>
+  <revised count="1">2020-12-23</revised>
+  <bug>737990</bug>
+  <bug>759259</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-misc/curl" auto="yes" arch="*">
+      <unaffected range="ge">7.74.0</unaffected>
+      <vulnerable range="lt">7.74.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>A command line tool and library for transferring data with URLs.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in cURL. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All cURL users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-misc/curl-7.74.0"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8231">CVE-2020-8231</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8284">CVE-2020-8284</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8285">CVE-2020-8285</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8286">CVE-2020-8286</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-12-22T22:55:43Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-12-23T19:52:57Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-15.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-15.xml
new file mode 100644
index 0000000000..771f8956fd
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-15.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-15">
+  <title>GDK-PixBuf: Denial of service</title>
+  <synopsis>A vulnerability in GDK-PixBuf library could lead to a Denial of
+    Service condition.
+  </synopsis>
+  <product type="ebuild">gdk-pixbuf</product>
+  <announced>2020-12-23</announced>
+  <revised count="1">2020-12-23</revised>
+  <bug>759094</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="x11-libs/gdk-pixbuf" auto="yes" arch="*">
+      <unaffected range="ge">2.42.2</unaffected>
+      <vulnerable range="lt">2.42.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>GDK-PixBuf is an image loading library for GTK+.</p>
+  </background>
+  <description>
+    <p>It was discovered that the GDK-PixBuf library did not properly handle
+      certain GIF images.
+    </p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker could entice a user to open a specially crafted GIF
+      image in an application linked against GDK-PixBuf library, possibly
+      resulting in a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All GDK-PixBuf library users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=x11-libs/gdk-pixbuf-2.42.2"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-29385">CVE-2020-29385</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-12-22T23:01:46Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-12-23T19:53:21Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-16.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-16.xml
new file mode 100644
index 0000000000..30556bb56e
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-16.xml
@@ -0,0 +1,73 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-16">
+  <title>PHP: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in PHP, the worst of which
+    could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">php</product>
+  <announced>2020-12-23</announced>
+  <revised count="1">2020-12-23</revised>
+  <bug>711140</bug>
+  <bug>745993</bug>
+  <bug>756775</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-lang/php" auto="yes" arch="*">
+      <unaffected range="ge" slot="7.2">7.2.34-r1</unaffected>
+      <unaffected range="ge" slot="7.3">7.3.25</unaffected>
+      <unaffected range="ge" slot="7.4">7.4.13</unaffected>
+      <vulnerable range="lt">8.0.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>PHP is an open source general-purpose scripting language that is
+      especially suited for web development.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in PHP. Please review the
+      CVE identifiers and change log referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>An attacker could cause a Denial of Service condition or obtain
+      sensitive information.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All PHP 7.2.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/php-7.2.34-r1:7.2"
+    </code>
+    
+    <p>All PHP 7.3.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/php-7.3.25:7.3"
+    </code>
+    
+    <p>All PHP 7.4.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/php-7.4.13:7.4"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-7069">CVE-2020-7069</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-7070">CVE-2020-7070</uri>
+    <uri link="https://www.php.net/ChangeLog-7.php#7.4.13">PHP 7.4.13 Change
+      Log
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-12-22T23:21:19Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-12-23T19:53:43Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-17.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-17.xml
new file mode 100644
index 0000000000..80b1db8fc4
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-17.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-17">
+  <title>D-Bus: Denial of service</title>
+  <synopsis>A local Denial of Service vulnerability was discovered in D-Bus.</synopsis>
+  <product type="ebuild">dbus</product>
+  <announced>2020-12-23</announced>
+  <revised count="1">2020-12-23</revised>
+  <bug>755392</bug>
+  <access>local</access>
+  <affected>
+    <package name="sys-apps/dbus" auto="yes" arch="*">
+      <unaffected range="ge">1.12.20</unaffected>
+      <vulnerable range="lt">1.12.20</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>D-Bus is a message bus system which processes can use to talk to each
+      other.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that D-Bus did not properly handle the situation when
+      two usernames have the same numeric UID.
+    </p>
+  </description>
+  <impact type="low">
+    <p>An attacker could possibly cause a Denial of Service condition or
+      trigger other undefined behavior, possibly including incorrect
+      authorization decisions.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All D-Bus users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-apps/dbus-1.12.20"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://lists.freedesktop.org/archives/ftp-release/2020-July/000758.html">
+      dbus 1.12.20 security update announcement
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-12-23T00:47:59Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-12-23T19:54:00Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-18.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-18.xml
new file mode 100644
index 0000000000..f7fbf13a6d
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-18.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-18">
+  <title>PowerDNS: information disclosure</title>
+  <synopsis>An information disclosure vulnerability in PowerDNS allow remote
+    attackers to obtain sensitive information.
+  </synopsis>
+  <product type="ebuild">pdns</product>
+  <announced>2020-12-23</announced>
+  <revised count="1">2020-12-23</revised>
+  <bug>744160</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-dns/pdns" auto="yes" arch="*">
+      <unaffected range="ge">4.3.1</unaffected>
+      <vulnerable range="lt">4.3.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The PowerDNS nameserver is an authoritative-only nameserver which uses a
+      flexible backend architecture.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that PowerDNS did not properly handle certain unknown
+      records.
+    </p>
+  </description>
+  <impact type="low">
+    <p>An authorized attacker with the ability to insert crafted records into a
+      zone might be able to leak the content of uninitialized memory. Crafted
+      records cannot be inserted via AXFR.
+    </p>
+  </impact>
+  <workaround>
+    <p>Do not take zone data from untrusted users.</p>
+  </workaround>
+  <resolution>
+    <p>All PowerDNS users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-dns/pdns-4.3.1"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-17482">CVE-2020-17482</uri>
+    <uri link="https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-05.html">
+      PowerDNS Security Advisory 2020-05
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-12-23T16:32:50Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-12-23T19:54:22Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-19.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-19.xml
new file mode 100644
index 0000000000..939cc25c34
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-19.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-19">
+  <title>PowerDNS Recursor: Denial of service</title>
+  <synopsis>A vulnerability in PowerDNS Recursor could lead to a Denial of
+    Service condition.
+  </synopsis>
+  <product type="ebuild">pdns-recursor</product>
+  <announced>2020-12-23</announced>
+  <revised count="1">2020-12-23</revised>
+  <bug>746923</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-dns/pdns-recursor" auto="yes" arch="*">
+      <unaffected range="ge">4.3.5</unaffected>
+      <vulnerable range="lt">4.3.5</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>PowerDNS Recursor is a high-end, high-performance resolving name server.</p>
+  </background>
+  <description>
+    <p>It was discovered that it was possible to update the DNSSEC validation
+      state to a bogus state for a cached record via DNS ANY query.
+    </p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker could send specially crafted DNS queries to deny
+      DNSSEC validation.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All PowerDNS Recursor users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-dns/pdns-recursor-4.3.5"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25829">CVE-2020-25829</uri>
+    <uri link="https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-07.html">
+      PowerDNS Security Advisory 2020-07
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-12-23T17:00:31Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-12-23T19:54:43Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-20.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-20.xml
new file mode 100644
index 0000000000..883bfb8411
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-20.xml
@@ -0,0 +1,122 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-20">
+  <title>Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Mozilla Firefox and
+    Mozilla Thunderbird, the worst of which could result in the arbitrary
+    execution of code.
+  </synopsis>
+  <product type="ebuild">firefox,thunderbird</product>
+  <announced>2020-12-23</announced>
+  <revised count="1">2020-12-23</revised>
+  <bug>759097</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="www-client/firefox" auto="yes" arch="*">
+      <unaffected range="ge" slot="0/esr78">78.6.0</unaffected>
+      <unaffected range="ge">84.0</unaffected>
+      <vulnerable range="lt">84.0</vulnerable>
+    </package>
+    <package name="www-client/firefox-bin" auto="yes" arch="*">
+      <unaffected range="ge" slot="0/esr78">78.6.0</unaffected>
+      <unaffected range="ge">84.0</unaffected>
+      <vulnerable range="lt">84.0</vulnerable>
+    </package>
+    <package name="mail-client/thunderbird" auto="yes" arch="*">
+      <unaffected range="ge">78.6.0</unaffected>
+      <vulnerable range="lt">78.6.0</vulnerable>
+    </package>
+    <package name="mail-client/thunderbird-bin" auto="yes" arch="*">
+      <unaffected range="ge">78.6.0</unaffected>
+      <vulnerable range="lt">78.6.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mozilla Firefox is a popular open-source web browser from the Mozilla
+      project.
+    </p>
+    
+    <p>Mozilla Thunderbird is a popular open-source email client from the
+      Mozilla project.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Mozilla Firefox and
+      Mozilla Thunderbird. Please review the CVE identifiers referenced below
+      for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mozilla Firefox users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-84.0"
+    </code>
+    
+    <p>All Mozilla Firefox (bin) users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-bin-84.0"
+    </code>
+    
+    <p>All Mozilla Firefox ESR users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/firefox-78.6.0:0/esr78"
+    </code>
+    
+    <p>All Mozilla Firefox ESR (bin) users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/firefox-bin-78.6.0:0/esr78"
+    </code>
+    
+    <p>All Mozilla Thunderbird users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/thunderbird-78.6.0"
+    </code>
+    
+    <p>All Mozilla Thunderbird (bin) users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=mail-client/thunderbird-bin-78.6.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16042">CVE-2020-16042</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26971">CVE-2020-26971</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26973">CVE-2020-26973</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26974">CVE-2020-26974</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26978">CVE-2020-26978</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35111">CVE-2020-35111</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35113">CVE-2020-35113</uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/">
+      MFSA-2020-55
+    </uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/">
+      MFSA-2020-56
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-12-22T22:07:43Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-12-23T19:56:47Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-21.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-21.xml
new file mode 100644
index 0000000000..3baa8cb1d4
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-21.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-21">
+  <title>Mozilla Network Security Service (NSS): Denial of service</title>
+  <synopsis>A vulnerability in NSS might allow remote attackers to cause a
+    Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">nss</product>
+  <announced>2020-12-23</announced>
+  <revised count="1">2020-12-23</revised>
+  <bug>750254</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-libs/nss" auto="yes" arch="*">
+      <unaffected range="ge">3.58</unaffected>
+      <vulnerable range="lt">3.58</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The Mozilla Network Security Service (NSS) is a library implementing
+      security features like SSL v.2/v.3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS
+      #12, S/MIME and X.509 certificates.
+    </p>
+  </background>
+  <description>
+    <p>A flaw was found in the way Mozilla Network Security Service (NSS)
+      handled CCS (ChangeCipherSpec) messages in TLS 1.3.
+    </p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker could send multiple crafted CSS messages in row after
+      ClientHello message to a server application linked against NSS library,
+      possibly resulting in a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>Disable TLS 1.3 protocol.</p>
+  </workaround>
+  <resolution>
+    <p>All NSS users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-libs/nss-3.58"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25648">CVE-2020-25648</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-12-22T23:13:35Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-12-23T19:58:04Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-22.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-22.xml
new file mode 100644
index 0000000000..083b6e2777
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-22.xml
@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-22">
+  <title>HAProxy: Arbitrary code execution</title>
+  <synopsis>A buffer overflow in HAProxy might allow an attacker to execute
+    arbitrary code.
+  </synopsis>
+  <product type="ebuild">haproxy</product>
+  <announced>2020-12-24</announced>
+  <revised count="1">2020-12-24</revised>
+  <bug>715944</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-proxy/haproxy" auto="yes" arch="*">
+      <unaffected range="ge" slot="0/2.0">2.0.13</unaffected>
+      <unaffected range="ge">2.1.4</unaffected>
+      <vulnerable range="lt">2.1.4</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>HAProxy is a TCP/HTTP reverse proxy for high availability environments.</p>
+  </background>
+  <description>
+    <p>It was discovered that HAProxy incorrectly handled certain HTTP/2
+      headers.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker, by sending a specially crafted HTTP/2 request, could
+      possibly execute arbitrary code with the privileges of the process, or
+      cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>Disable HTTP/2 support.</p>
+  </workaround>
+  <resolution>
+    <p>All HAProxy 2.0.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-proxy/haproxy-2.0.13:0/2.0"
+    </code>
+    
+    <p>All other HAProxy users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-proxy/haproxy-2.1.4"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11100">CVE-2020-11100</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-05-20T16:01:15Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2020-12-24T14:09:42Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-23.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-23.xml
new file mode 100644
index 0000000000..15ee7d6925
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-23.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-23">
+  <title>Apache Tomcat: Information disclosure</title>
+  <synopsis>A vulnerability has been discovered in Apache Tomcat that allows
+    for the disclosure of sensitive information.
+  </synopsis>
+  <product type="ebuild">tomcat</product>
+  <announced>2020-12-24</announced>
+  <revised count="1">2020-12-24</revised>
+  <bug>758338</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-servers/tomcat" auto="yes" arch="*">
+      <unaffected range="ge" slot="8.5">8.5.60</unaffected>
+      <unaffected range="ge" slot="9">9.0.40</unaffected>
+      <vulnerable range="lt" slot="8.5">8.5.60</vulnerable>
+      <vulnerable range="lt" slot="9">9.0.40</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Apache Tomcat is a Servlet-3.0/JSP-2.2 Container.</p>
+  </background>
+  <description>
+    <p>It was discovered that Apache Tomcat could re-use an HTTP request header
+      value from the previous stream received on an HTTP/2 connection for the
+      request associated with the subsequent stream.
+    </p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker, by sending well-timed HTTP/2 requests, could possibly
+      obtain sensitive information.
+    </p>
+  </impact>
+  <workaround>
+    <p>Disable HTTP/2 support.</p>
+  </workaround>
+  <resolution>
+    <p>All Apache Tomcat 8.5.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-servers/tomcat-8.5.60:8.5"
+    </code>
+    
+    <p>All Apache Tomcat 9.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-servers/tomcat-9.0.40:9"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-17527">CVE-2020-17527</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-12-23T01:20:53Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-12-24T14:11:02Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-24.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-24.xml
new file mode 100644
index 0000000000..b0f388729a
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202012-24.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202012-24">
+  <title>Samba: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Samba, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">samba</product>
+  <announced>2020-12-24</announced>
+  <revised count="1">2020-12-24</revised>
+  <bug>743433</bug>
+  <bug>751724</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-fs/samba" auto="yes" arch="*">
+      <unaffected range="ge">4.12.9</unaffected>
+      <vulnerable range="lt">4.12.9</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Samba is a suite of SMB and CIFS client/server programs.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Samba. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Samba users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-fs/samba-4.12.9"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14318">CVE-2020-14318</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14323">CVE-2020-14323</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14383">CVE-2020-14383</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-1472">CVE-2020-1472</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-12-23T17:13:10Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2020-12-24T14:11:44Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-01.xml
new file mode 100644
index 0000000000..c5890e4772
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-01.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-01">
+  <title>Dovecot: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Dovecot, the worst of
+    which could allow remote attackers to cause a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">dovecot</product>
+  <announced>2021-01-10</announced>
+  <revised count="1">2021-01-10</revised>
+  <bug>763525</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="net-mail/dovecot" auto="yes" arch="*">
+      <unaffected range="ge">2.3.13</unaffected>
+      <vulnerable range="lt">2.3.13</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Dovecot is an open source IMAP and POP3 email server.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Dovecot. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could send a specially crafted mail or send a
+      specially crafted IMAP command possibly resulting in a Denial of Service
+      condition or an authenticated remote attacker might be able to discover
+      the file system directory structure and access other users’ emails.
+    </p>
+  </impact>
+  <workaround>
+    <p>The information disclosure vulnerability can be mitigated by disabling
+      IMAP hibernation feature which isn’t enabled by default.
+    </p>
+  </workaround>
+  <resolution>
+    <p>All Dovecot users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-mail/dovecot-2.3.13"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-24386">CVE-2020-24386</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25275">CVE-2020-25275</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-06T15:39:45Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-01-10T09:16:29Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-02.xml
new file mode 100644
index 0000000000..3f021e488b
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-02.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-02">
+  <title>Firejail: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Firejail, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">firejail</product>
+  <announced>2021-01-10</announced>
+  <revised count="1">2021-01-10</revised>
+  <bug>736816</bug>
+  <access>remote</access>
+  <affected>
+    <package name="sys-apps/firejail" auto="yes" arch="*">
+      <unaffected range="ge">0.9.64</unaffected>
+      <vulnerable range="lt">0.9.64</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>A SUID program that reduces the risk of security breaches by restricting
+      the running environment of untrusted applications using Linux namespaces
+      and seccomp-bpf.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Firejail. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Firejail users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-apps/firejail-0.9.64"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-17367">CVE-2020-17367</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-17368">CVE-2020-17368</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-16T19:22:48Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-10T09:18:33Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-03.xml
new file mode 100644
index 0000000000..1202c1ba25
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-03.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-03">
+  <title>ipmitool: Multiple vulnerabilities</title>
+  <synopsis>A buffer overflow in ipmitool might allow remote attacker(s) to
+    execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">ipmitool</product>
+  <announced>2021-01-10</announced>
+  <revised count="1">2021-01-10</revised>
+  <bug>708436</bug>
+  <access>remote</access>
+  <affected>
+    <package name="sys-apps/ipmitool" auto="yes" arch="*">
+      <unaffected range="ge">1.8.18_p20201004-r1</unaffected>
+      <vulnerable range="lt">1.8.18_p20201004-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Utility for controlling IPMI enabled devices.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in ipmiool. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could possibly execute arbitrary code with the
+      privileges of the process or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All ipmitool users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=sys-apps/ipmitool-1.8.18_p20201004-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-5208">CVE-2020-5208</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-16T19:23:11Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-10T09:19:54Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-04.xml
new file mode 100644
index 0000000000..c2d23f52d1
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-04.xml
@@ -0,0 +1,83 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-04">
+  <title>Mozilla Firefox: Remote code execution</title>
+  <synopsis>A use-after-free in Mozilla Firefox's SCTP handling may allow
+    remote code execution.
+  </synopsis>
+  <product type="ebuild">firefox,thunderbird</product>
+  <announced>2021-01-10</announced>
+  <revised count="1">2021-01-10</revised>
+  <bug>764161</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-client/firefox" auto="yes" arch="*">
+      <unaffected range="ge" slot="0/esr78">78.6.1</unaffected>
+      <unaffected range="ge">84.0.2</unaffected>
+      <vulnerable range="lt">84.0.2</vulnerable>
+    </package>
+    <package name="www-client/firefox-bin" auto="yes" arch="*">
+      <unaffected range="ge" slot="0/esr78">78.6.1</unaffected>
+      <unaffected range="ge">84.0.2</unaffected>
+      <vulnerable range="lt">84.0.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mozilla Firefox is a popular open-source web browser from the Mozilla
+      project.
+    </p>
+  </background>
+  <description>
+    <p>A use-after-free bug was discovered in Mozilla Firefox’s handling of
+      SCTP.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could possibly execute arbitrary code with the
+      privileges of the process, or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Firefox ESR users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/firefox-78.6.1:0/esr78"
+    </code>
+    
+    <p>All Firefox ESR binary users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/firefox-bin-78.6.1:0/esr78"
+    </code>
+    
+    <p>All Firefox users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-84.0.2"
+    </code>
+    
+    <p>All Firefox binary users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-bin-84.0.2"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16044">CVE-2020-16044</uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2021-01/">
+      MFSA-2021-01
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-09T16:49:31Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-10T09:20:31Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-05.xml
new file mode 100644
index 0000000000..ced5846cab
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-05.xml
@@ -0,0 +1,77 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-05">
+  <title>Chromium, Google Chrome: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Chromium and Google
+    Chrome, the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">google-chrome,chromium</product>
+  <announced>2021-01-10</announced>
+  <revised count="1">2021-01-10</revised>
+  <bug>764251</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-client/chromium" auto="yes" arch="*">
+      <unaffected range="ge">87.0.4280.141</unaffected>
+      <vulnerable range="lt">87.0.4280.141</vulnerable>
+    </package>
+    <package name="www-client/google-chrome" auto="yes" arch="*">
+      <unaffected range="ge">87.0.4280.141</unaffected>
+      <vulnerable range="lt">87.0.4280.141</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Chromium is an open-source browser project that aims to build a safer,
+      faster, and more stable way for all users to experience the web.
+    </p>
+    
+    <p>Google Chrome is one fast, simple, and secure browser for all your
+      devices.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Chromium and Google
+      Chrome. Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Chromium users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/chromium-87.0.4280.141"
+    </code>
+    
+    <p>All Google Chrome users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/google-chrome-87.0.4280.141"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15995">CVE-2020-15995</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16043">CVE-2020-16043</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21106">CVE-2021-21106</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21107">CVE-2021-21107</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21108">CVE-2021-21108</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21109">CVE-2021-21109</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21110">CVE-2021-21110</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21111">CVE-2021-21111</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21112">CVE-2021-21112</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21113">CVE-2021-21113</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21114">CVE-2021-21114</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21115">CVE-2021-21115</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21116">CVE-2021-21116</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-09T16:48:49Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-10T09:21:08Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-06.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-06.xml
new file mode 100644
index 0000000000..efa0c4ddc2
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-06.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-06">
+  <title>Ark: Symlink vulnerability</title>
+  <synopsis>Ark was found to allow arbitrary file overwrite, possibly allowing
+    arbitrary code execution.
+  </synopsis>
+  <product type="ebuild">ark</product>
+  <announced>2021-01-11</announced>
+  <revised count="1">2021-01-11</revised>
+  <bug>743959</bug>
+  <access>remote</access>
+  <affected>
+    <package name="kde-apps/ark" auto="yes" arch="*">
+      <unaffected range="ge">20.04.3-r2</unaffected>
+      <vulnerable range="lt">20.04.3-r2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Ark is a graphical file compression/decompression utility with support
+      for multiple formats.
+    </p>
+  </background>
+  <description>
+    <p>KDE Ark did not fully verify symlinks contained within tar archives.</p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted tar
+      archive using KDE Ark, possibly resulting in execution of arbitrary code
+      with the privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All KDE Ark users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=kde-apps/ark-20.04.3-r2"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-24654">CVE-2020-24654</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-10T20:45:32Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-11T09:13:16Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-07.xml
new file mode 100644
index 0000000000..14b6b1ae8c
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-07.xml
@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-07">
+  <title>NodeJS: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in NodeJS, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">nodejs</product>
+  <announced>2021-01-11</announced>
+  <revised count="1">2021-01-11</revised>
+  <bug>726836</bug>
+  <bug>731654</bug>
+  <bug>742893</bug>
+  <bug>754942</bug>
+  <bug>763588</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-libs/nodejs" auto="yes" arch="*">
+      <unaffected range="ge" slot="0/15">15.5.1</unaffected>
+      <unaffected range="ge" slot="0/14">14.15.1</unaffected>
+      <unaffected range="ge" slot="0/12">12.20.1</unaffected>
+      <vulnerable range="lt">15.5.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Node.js is a JavaScript runtime built on Chrome’s V8 JavaScript
+      engine.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in NodeJS. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All NodeJS 15 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-libs/nodejs-15.5.1"
+    </code>
+    
+    <p>All NodeJS 14 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-libs/nodejs-14.15.1"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15095">CVE-2020-15095</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8172">CVE-2020-8172</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8174">CVE-2020-8174</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8201">CVE-2020-8201</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8251">CVE-2020-8251</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8265">CVE-2020-8265</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8277">CVE-2020-8277</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-8287">CVE-2020-8287</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-10T19:55:45Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-11T09:13:22Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-08.xml
new file mode 100644
index 0000000000..64adcec9d2
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-08.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-08">
+  <title>Pillow: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Pillow, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">pillow</product>
+  <announced>2021-01-11</announced>
+  <revised count="1">2021-01-11</revised>
+  <bug>763210</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-python/pillow" auto="yes" arch="*">
+      <unaffected range="ge">8.1.0</unaffected>
+      <vulnerable range="lt">8.1.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Python Imaging Library (fork)</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Pillow. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Pillow users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-python/pillow-8.1.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35653">CVE-2020-35653</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35654">CVE-2020-35654</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35655">CVE-2020-35655</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-04T00:06:19Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-11T09:13:26Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-09.xml
new file mode 100644
index 0000000000..a5a9f5605e
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-09.xml
@@ -0,0 +1,147 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-09">
+  <title>VirtualBox: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in VirtualBox, the worst
+    of which could allow an attacker to take control of VirtualBox.
+  </synopsis>
+  <product type="ebuild">virtualbox</product>
+  <announced>2021-01-12</announced>
+  <revised count="1">2021-01-12</revised>
+  <bug>714064</bug>
+  <bug>717626</bug>
+  <bug>717782</bug>
+  <bug>733924</bug>
+  <access>remote</access>
+  <affected>
+    <package name="app-emulation/virtualbox" auto="yes" arch="*">
+      <unaffected range="ge" slot="0/6.1">6.1.12</unaffected>
+      <unaffected range="ge" slot="0/6.0">6.0.24</unaffected>
+      <vulnerable range="lt">6.1.12</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>VirtualBox is a powerful virtualization product from Oracle.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in VirtualBox. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>An attacker could take control of VirtualBox resulting in the execution
+      of arbitrary code with the privileges of the process, a Denial of Service
+      condition, or other unspecified impacts.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Virtualbox 6.0.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=app-emulation/virtualbox-6.0.24:0/6.0"
+    </code>
+    
+    <p>All Virtualbox 6.1.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=app-emulation/virtualbox-6.1.12:0/6.1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-2848">CVE-2019-2848</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-2850">CVE-2019-2850</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-2859">CVE-2019-2859</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-2863">CVE-2019-2863</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-2864">CVE-2019-2864</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-2865">CVE-2019-2865</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-2866">CVE-2019-2866</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-2867">CVE-2019-2867</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-2873">CVE-2019-2873</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-2874">CVE-2019-2874</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-2875">CVE-2019-2875</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-2876">CVE-2019-2876</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-2877">CVE-2019-2877</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-2926">CVE-2019-2926</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-2944">CVE-2019-2944</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-2984">CVE-2019-2984</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-3002">CVE-2019-3002</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-3005">CVE-2019-3005</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-3017">CVE-2019-3017</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-3021">CVE-2019-3021</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-3026">CVE-2019-3026</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-3028">CVE-2019-3028</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-3031">CVE-2019-3031</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14628">CVE-2020-14628</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14629">CVE-2020-14629</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14646">CVE-2020-14646</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14647">CVE-2020-14647</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14648">CVE-2020-14648</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14649">CVE-2020-14649</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14650">CVE-2020-14650</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14673">CVE-2020-14673</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14674">CVE-2020-14674</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14675">CVE-2020-14675</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14676">CVE-2020-14676</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14677">CVE-2020-14677</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14694">CVE-2020-14694</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14695">CVE-2020-14695</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14698">CVE-2020-14698</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14699">CVE-2020-14699</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14700">CVE-2020-14700</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14703">CVE-2020-14703</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14704">CVE-2020-14704</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14707">CVE-2020-14707</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14711">CVE-2020-14711</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14712">CVE-2020-14712</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14713">CVE-2020-14713</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14714">CVE-2020-14714</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14715">CVE-2020-14715</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2575">CVE-2020-2575</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2674">CVE-2020-2674</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2678">CVE-2020-2678</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2681">CVE-2020-2681</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2682">CVE-2020-2682</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2689">CVE-2020-2689</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2690">CVE-2020-2690</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2691">CVE-2020-2691</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2692">CVE-2020-2692</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2693">CVE-2020-2693</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2698">CVE-2020-2698</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2701">CVE-2020-2701</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2702">CVE-2020-2702</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2703">CVE-2020-2703</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2704">CVE-2020-2704</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2705">CVE-2020-2705</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2725">CVE-2020-2725</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2726">CVE-2020-2726</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2727">CVE-2020-2727</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2741">CVE-2020-2741</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2742">CVE-2020-2742</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2743">CVE-2020-2743</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2748">CVE-2020-2748</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2758">CVE-2020-2758</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2894">CVE-2020-2894</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2902">CVE-2020-2902</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2905">CVE-2020-2905</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2907">CVE-2020-2907</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2908">CVE-2020-2908</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2909">CVE-2020-2909</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2910">CVE-2020-2910</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2911">CVE-2020-2911</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2913">CVE-2020-2913</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2914">CVE-2020-2914</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2929">CVE-2020-2929</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2951">CVE-2020-2951</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2958">CVE-2020-2958</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2959">CVE-2020-2959</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-04-17T04:23:43Z">BlueKnight</metadata>
+  <metadata tag="submitter" timestamp="2021-01-12T17:56:20Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-10.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-10.xml
new file mode 100644
index 0000000000..8abb71de98
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-10.xml
@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-10">
+  <title>Asterisk: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Asterisk, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">asterisk</product>
+  <announced>2021-01-12</announced>
+  <revised count="1">2021-01-12</revised>
+  <bug>753269</bug>
+  <bug>761313</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-misc/asterisk" auto="yes" arch="*">
+      <unaffected range="ge">13.38.1</unaffected>
+      <vulnerable range="lt">13.38.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>A Modular Open Source PBX System.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Asterisk. Please review
+      the security advisories referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>An attacker could cause a possible Denial of Service condition.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Asterisk users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-misc/asterisk-13.38.1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://downloads.asterisk.org/pub/security/AST-2020-001.html">
+      AST-2020-001
+    </uri>
+    <uri link="https://downloads.asterisk.org/pub/security/AST-2020-002.html">
+      AST-2020-002
+    </uri>
+    <uri link="https://downloads.asterisk.org/pub/security/AST-2020-003.html">
+      AST-2020-003
+    </uri>
+    <uri link="https://downloads.asterisk.org/pub/security/AST-2020-004.html">
+      AST-2020-004
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-04T16:30:21Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-12T17:58:27Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-11.xml
new file mode 100644
index 0000000000..317df24d34
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-11.xml
@@ -0,0 +1,63 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-11">
+  <title>Zabbix: Root privilege escalation</title>
+  <synopsis>Multiple vulnerabilities were discovered in Gentoo's ebuild for
+    Zabbix which could lead to root privilege escalation.
+  </synopsis>
+  <product type="ebuild">zabbix</product>
+  <announced>2021-01-21</announced>
+  <revised count="1">2021-01-21</revised>
+  <bug>629882</bug>
+  <bug>629884</bug>
+  <access>local</access>
+  <affected>
+    <package name="net-analyzer/zabbix" auto="yes" arch="*">
+      <unaffected range="ge" slot="0/3.0">3.0.30</unaffected>
+      <unaffected range="ge" slot="0/4.0">4.0.18</unaffected>
+      <vulnerable range="lt">4.4.6</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Zabbix is software for monitoring applications, networks, and servers.</p>
+  </background>
+  <description>
+    <p>It was discovered that Gentoo’s Zabbix ebuild did not properly set
+      permissions or placed the pid file in an unsafe directory.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A local attacker could escalate privileges.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Zabbix 3.0.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=net-analyzer/zabbix-3.0.30:0/3.0"
+    </code>
+    
+    <p>All Zabbix  4.0.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=net-analyzer/zabbix-4.0.18:0/4.0"
+    </code>
+    
+    <p>All other Zabbix users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-analyzer/zabbix-4.4.6"
+    </code>
+  </resolution>
+  <references>
+  </references>
+  <metadata tag="requester" timestamp="2020-04-16T06:25:12Z">BlueKnight</metadata>
+  <metadata tag="submitter" timestamp="2021-01-21T19:18:35Z">b-man</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-12.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-12.xml
new file mode 100644
index 0000000000..10de65bdd4
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-12.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-12">
+  <title>Wireshark: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Wireshark, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">wireshark</product>
+  <announced>2021-01-22</announced>
+  <revised count="1">2021-01-22</revised>
+  <bug>759541</bug>
+  <bug>760800</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-analyzer/wireshark" auto="yes" arch="*">
+      <unaffected range="ge">3.4.2</unaffected>
+      <vulnerable range="lt">3.4.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Wireshark is a network protocol analyzer formerly known as ethereal.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Wireshark. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Wireshark users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-analyzer/wireshark-3.4.2"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26418">CVE-2020-26418</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26419">CVE-2020-26419</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26420">CVE-2020-26420</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26421">CVE-2020-26421</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26422">CVE-2020-26422</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-22T00:09:25Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-22T16:10:45Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-13.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-13.xml
new file mode 100644
index 0000000000..e5c9507b0d
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-13.xml
@@ -0,0 +1,91 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-13">
+  <title>Chromium, Google Chrome: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Chromium and Google
+    Chrome, the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">google-chrome,chromium</product>
+  <announced>2021-01-22</announced>
+  <revised count="1">2021-01-22</revised>
+  <bug>766207</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-client/chromium" auto="yes" arch="*">
+      <unaffected range="ge">88.0.4324.96</unaffected>
+      <vulnerable range="lt">88.0.4324.96</vulnerable>
+    </package>
+    <package name="www-client/google-chrome" auto="yes" arch="*">
+      <unaffected range="ge">88.0.4324.96</unaffected>
+      <vulnerable range="lt">88.0.4324.96</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Chromium is an open-source browser project that aims to build a safer,
+      faster, and more stable way for all users to experience the web.
+    </p>
+    
+    <p>Google Chrome is one fast, simple, and secure browser for all your
+      devices.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Chromium and Google
+      Chrome. Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Chromium users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/chromium-88.0.4324.96"
+    </code>
+    
+    <p>All Google Chrome users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/google-chrome-88.0.4324.96"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16044">CVE-2020-16044</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21117">CVE-2021-21117</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21118">CVE-2021-21118</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21119">CVE-2021-21119</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21120">CVE-2021-21120</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21121">CVE-2021-21121</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21122">CVE-2021-21122</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21123">CVE-2021-21123</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21124">CVE-2021-21124</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21125">CVE-2021-21125</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21126">CVE-2021-21126</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21127">CVE-2021-21127</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21128">CVE-2021-21128</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21129">CVE-2021-21129</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21130">CVE-2021-21130</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21131">CVE-2021-21131</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21132">CVE-2021-21132</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21133">CVE-2021-21133</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21134">CVE-2021-21134</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21135">CVE-2021-21135</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21136">CVE-2021-21136</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21137">CVE-2021-21137</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21138">CVE-2021-21138</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21139">CVE-2021-21139</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21140">CVE-2021-21140</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21141">CVE-2021-21141</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-22T00:15:06Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-22T16:11:56Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-14.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-14.xml
new file mode 100644
index 0000000000..f8ce93e509
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-14.xml
@@ -0,0 +1,67 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-14">
+  <title>Mozilla Thunderbird: Remote code execution</title>
+  <synopsis>Multiple vulnerabilities have been found in Mozilla Thunderbird,
+    the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">thunderbird</product>
+  <announced>2021-01-22</announced>
+  <revised count="1">2021-01-22</revised>
+  <bug>765088</bug>
+  <access>remote</access>
+  <affected>
+    <package name="mail-client/thunderbird" auto="yes" arch="*">
+      <unaffected range="ge">78.6.1</unaffected>
+      <vulnerable range="lt">78.6.1</vulnerable>
+    </package>
+    <package name="mail-client/thunderbird-bin" auto="yes" arch="*">
+      <unaffected range="ge">78.6.1</unaffected>
+      <vulnerable range="lt">78.6.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mozilla Thunderbird is a popular open-source email client from the
+      Mozilla project.
+    </p>
+  </background>
+  <description>
+    <p>A use-after-free bug was discovered in Mozilla Thunderbird handling of
+      SCTP.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could possibly execute arbitrary code with the
+      privileges of the process or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mozilla Thunderbird users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/thunderbird-78.6.1"
+    </code>
+    
+    <p>All Mozilla Thunderbird binary users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=mail-client/thunderbird-bin-78.6.1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16044">CVE-2020-16044</uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2021-02/">
+      MFSA-2021-02
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-22T00:15:52Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-22T16:13:18Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-15.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-15.xml
new file mode 100644
index 0000000000..3762d3444f
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-15.xml
@@ -0,0 +1,70 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-15">
+  <title>VirtualBox: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in VirtualBox, the worst
+    of which could result in privilege escalation.
+  </synopsis>
+  <product type="ebuild">virtualbox</product>
+  <announced>2021-01-22</announced>
+  <revised count="1">2021-01-22</revised>
+  <bug>750782</bug>
+  <bug>766348</bug>
+  <access>remote</access>
+  <affected>
+    <package name="app-emulation/virtualbox" auto="yes" arch="*">
+      <unaffected range="ge">6.1.18</unaffected>
+      <vulnerable range="lt">6.1.18</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>VirtualBox is a powerful virtualization product from Oracle.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in VirtualBox. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All VirtualBox users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-emulation/virtualbox-6.1.18"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14872">CVE-2020-14872</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14881">CVE-2020-14881</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14884">CVE-2020-14884</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14885">CVE-2020-14885</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14886">CVE-2020-14886</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14889">CVE-2020-14889</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14892">CVE-2020-14892</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2073">CVE-2021-2073</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2074">CVE-2021-2074</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2086">CVE-2021-2086</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2111">CVE-2021-2111</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2112">CVE-2021-2112</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2119">CVE-2021-2119</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2120">CVE-2021-2120</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2121">CVE-2021-2121</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2123">CVE-2021-2123</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2124">CVE-2021-2124</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2125">CVE-2021-2125</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2126">CVE-2021-2126</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2127">CVE-2021-2127</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2128">CVE-2021-2128</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2129">CVE-2021-2129</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2130">CVE-2021-2130</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2131">CVE-2021-2131</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-18T03:00:34Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-22T16:14:33Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-16.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-16.xml
new file mode 100644
index 0000000000..2f7ed9ee67
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-16.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-16">
+  <title>KDE Connect: Denial of service</title>
+  <synopsis>A vulnerability in KDE Connect could lead to a Denial of Service
+    condition.
+  </synopsis>
+  <product type="ebuild">kde-connect</product>
+  <announced>2021-01-22</announced>
+  <revised count="1">2021-01-22</revised>
+  <bug>746401</bug>
+  <access>remote</access>
+  <affected>
+    <package name="kde-misc/kdeconnect" auto="yes" arch="*">
+      <unaffected range="ge">20.04.3-r1</unaffected>
+      <vulnerable range="lt">20.04.3-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>KDE Connect is a project that enables all your devices to communicate
+      with each other.
+    </p>
+  </background>
+  <description>
+    <p>Multiple issues causing excessive resource consumption were found in KDE
+      Connect.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>An attacker could cause a possible Denial of Service condition.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All KDE Connect users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=kde-misc/kdeconnect-20.04.3-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26164">CVE-2020-26164</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-22T00:28:04Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-22T16:16:11Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-17.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-17.xml
new file mode 100644
index 0000000000..9fd515383c
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-17.xml
@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-17">
+  <title>Dnsmasq: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Dnsmasq, the worst of
+    which may allow remote attackers to execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">dnsmasq</product>
+  <announced>2021-01-22</announced>
+  <revised count="1">2021-01-22</revised>
+  <bug>766126</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="net-dns/dnsmasq" auto="yes" arch="*">
+      <unaffected range="ge">2.83</unaffected>
+      <vulnerable range="lt">2.83</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Dnsmasq is a lightweight and easily-configurable DNS forwarder and DHCP
+      server.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Dnsmasq. Please review
+      the references below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>An attacker, by sending specially crafted DNS replies, could possibly
+      execute arbitrary code with the privileges of the process, perform a
+      cache poisoning attack or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Dnsmasq users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-dns/dnsmasq-2.83"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25681">CVE-2020-25681</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25682">CVE-2020-25682</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25683">CVE-2020-25683</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25684">CVE-2020-25684</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25685">CVE-2020-25685</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25686">CVE-2020-25686</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25687">CVE-2020-25687</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-21T20:58:48Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-01-22T17:55:39Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-18.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-18.xml
new file mode 100644
index 0000000000..03d6e27b19
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-18.xml
@@ -0,0 +1,90 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-18">
+  <title>Python: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Python, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">python</product>
+  <announced>2021-01-24</announced>
+  <revised count="1">2021-01-24</revised>
+  <bug>749339</bug>
+  <bug>759928</bug>
+  <bug>766189</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-lang/python" auto="yes" arch="*">
+      <unaffected range="ge" slot="2.7">2.7.18-r6</unaffected>
+      <unaffected range="ge" slot="3.6">3.6.12-r2</unaffected>
+      <unaffected range="ge" slot="3.7">3.7.9-r2</unaffected>
+      <unaffected range="ge" slot="3.8">3.8.7-r1</unaffected>
+      <unaffected range="ge" slot="3.9">3.9.1-r1</unaffected>
+      <vulnerable range="lt" slot="2.7">2.7.18-r6</vulnerable>
+      <vulnerable range="lt" slot="3.6">3.6.12-r2</vulnerable>
+      <vulnerable range="lt" slot="3.7">3.7.9-r2</vulnerable>
+      <vulnerable range="lt" slot="3.8">3.8.7-r1</vulnerable>
+      <vulnerable range="lt" slot="3.9">3.9.1-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Python is an interpreted, interactive, object-oriented programming
+      language.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Python. Please review
+      the bugs referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could possibly execute arbitrary code with the
+      privileges of the process, or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Python 2.7 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/python-2.7.18-r5"
+    </code>
+    
+    <p>All Python 3.6 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/python-3.6.12-r1"
+    </code>
+    
+    <p>All Python 3.7 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/python-3.7.9-r1"
+    </code>
+    
+    <p>All Python 3.8 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/python-3.8.6-r1"
+    </code>
+    
+    <p>All Python 3.9 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/python-3.9.0-r1"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26116">CVE-2020-26116</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3177">CVE-2021-3177</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-04T03:36:56Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-24T23:58:22Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-19.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-19.xml
new file mode 100644
index 0000000000..866c37dcdf
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-19.xml
@@ -0,0 +1,86 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-19">
+  <title>OpenJDK: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in OpenJDK, the worst of
+    which could result in the arbitrary execution of code. 
+  </synopsis>
+  <product type="ebuild">openjdk</product>
+  <announced>2021-01-25</announced>
+  <revised count="1">2021-01-25</revised>
+  <bug>705992</bug>
+  <bug>750833</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-java/openjdk" auto="yes" arch="*">
+      <unaffected range="ge">8.272_p10</unaffected>
+      <vulnerable range="lt">8.272_p10</vulnerable>
+    </package>
+    <package name="dev-java/openjdk-bin" auto="yes" arch="*">
+      <unaffected range="ge">8.272_p10</unaffected>
+      <vulnerable range="lt">8.272_p10</vulnerable>
+    </package>
+    <package name="dev-java/openjdk-jre-bin" auto="yes" arch="*">
+      <unaffected range="ge">8.272_p10</unaffected>
+      <vulnerable range="lt">8.272_p10</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>OpenJDK is a free and open-source implementation of the Java Platform,
+      Standard Edition.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in OpenJDK. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All OpenJDK users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-java/openjdk-8.272_p10"
+    </code>
+    
+    <p>All OpenJDK (binary) users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-java/openjdk-bin-8.272_p10"
+    </code>
+    
+    <p>All OpenJDK JRE (binary) users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=dev-java/openjdk-jre-bin-8.272_p10"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14779">CVE-2020-14779</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14781">CVE-2020-14781</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14782">CVE-2020-14782</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14792">CVE-2020-14792</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14796">CVE-2020-14796</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14797">CVE-2020-14797</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14798">CVE-2020-14798</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14803">CVE-2020-14803</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2583">CVE-2020-2583</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2590">CVE-2020-2590</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2593">CVE-2020-2593</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2601">CVE-2020-2601</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2604">CVE-2020-2604</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2654">CVE-2020-2654</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2659">CVE-2020-2659</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-01T10:46:07Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-25T00:02:23Z">b-man</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-20.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-20.xml
new file mode 100644
index 0000000000..c4fc0f6dd3
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-20.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-20">
+  <title>glibc: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in glibc, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">glibc</product>
+  <announced>2021-01-25</announced>
+  <revised count="1">2021-01-25</revised>
+  <bug>611344</bug>
+  <bug>717058</bug>
+  <bug>720730</bug>
+  <bug>758359</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="sys-libs/glibc" auto="yes" arch="*">
+      <unaffected range="ge">2.32-r5</unaffected>
+      <vulnerable range="lt">2.32-r5</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>glibc is a package that contains the GNU C library.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in glibc. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All glibc users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-libs/glibc-2.32-r5"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2016-10228">CVE-2016-10228</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-1752">CVE-2020-1752</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-29562">CVE-2020-29562</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-29573">CVE-2020-29573</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6096">CVE-2020-6096</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-12-27T17:59:30Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-25T00:05:08Z">b-man</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-21.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-21.xml
new file mode 100644
index 0000000000..38c63fc9f4
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-21.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-21">
+  <title>Flatpak: Sandbox escape</title>
+  <synopsis>A vulnerability was discovered in Flatpak which could allow a
+    remote attacker to execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">flatpak</product>
+  <announced>2021-01-25</announced>
+  <revised count="1">2021-01-25</revised>
+  <bug>765457</bug>
+  <access>remote</access>
+  <affected>
+    <package name="sys-apps/flatpak" auto="yes" arch="*">
+      <unaffected range="ge">1.10.0</unaffected>
+      <vulnerable range="lt">1.10.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Flatpak is a Linux application sandboxing and distribution framework.</p>
+  </background>
+  <description>
+    <p>A bug was discovered in the flatpak-portal service that can allow
+      sandboxed applications to execute arbitrary code on the host system (a
+      sandbox escape).
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted
+      Flatpak app possibly resulting in execution of arbitrary code with the
+      privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>As a workaround, this vulnerability can be mitigated by preventing the
+      flatpak-portal service from starting, but that mitigation will prevent
+      many Flatpak apps from working correctly. It is highly recommended to
+      upgrade.
+    </p>
+  </workaround>
+  <resolution>
+    <p>All Flatpak users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-apps/flatpak-1.10.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21261">CVE-2021-21261</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-22T00:26:55Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-25T00:07:24Z">b-man</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-22.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-22.xml
new file mode 100644
index 0000000000..36a94ff168
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-22.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-22">
+  <title>libvirt: Unintended access to /dev/mapper/control</title>
+  <synopsis>A vulnerability in libvirt may allow root privilege escalation.</synopsis>
+  <product type="ebuild">libvirt</product>
+  <announced>2021-01-26</announced>
+  <revised count="1">2021-01-26</revised>
+  <bug>739948</bug>
+  <access>local</access>
+  <affected>
+    <package name="app-emulation/libvirt" auto="yes" arch="*">
+      <unaffected range="ge">6.7.0</unaffected>
+      <vulnerable range="lt">6.7.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>libvirt is a C toolkit for manipulating virtual machines.</p>
+  </background>
+  <description>
+    <p>A file descriptor for /dev/mapper/control was insufficiently protected.</p>
+  </description>
+  <impact type="high">
+    <p>A local attacker may be able to escalate to root privileges.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All libvirt users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-emulation/libvirt-6.7.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14339">CVE-2020-14339</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-10-05T23:25:12Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-26T00:10:19Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-23.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-23.xml
new file mode 100644
index 0000000000..d3ba7f3054
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-23.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-23">
+  <title>PEAR Archive_Tar: Directory traversal</title>
+  <synopsis>Multiple vulnerabilities have been found in PEAR Archive_Tar, the
+    worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">PEAR-Archive_Tar</product>
+  <announced>2021-01-26</announced>
+  <revised count="1">2021-01-26</revised>
+  <bug>755653</bug>
+  <bug>766036</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-php/PEAR-Archive_Tar" auto="yes" arch="*">
+      <unaffected range="ge">1.4.12</unaffected>
+      <vulnerable range="lt">1.4.12</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>This class provides handling of tar files in PHP.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in PEAR Archive_Tar.
+      Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All PEAR-Archive_Tar users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-php/PEAR-Archive_Tar-1.4.12"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28948">CVE-2020-28948</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28949">CVE-2020-28949</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-36193">CVE-2020-36193</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-25T23:43:27Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-26T00:10:53Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-24.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-24.xml
new file mode 100644
index 0000000000..3e9fb3f777
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-24.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-24">
+  <title>cfitsio: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in cfitsio, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">cfitsio</product>
+  <announced>2021-01-26</announced>
+  <revised count="1">2021-01-26</revised>
+  <bug>673944</bug>
+  <access>remote</access>
+  <affected>
+    <package name="sci-libs/cfitsio" auto="yes" arch="*">
+      <unaffected range="ge">3.490</unaffected>
+      <vulnerable range="lt">3.490</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>A C and Fortran library for manipulating FITS files.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in cfitsio. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All cfitsio users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sci-libs/cfitsio-3.490"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-3846">CVE-2018-3846</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-3847">CVE-2018-3847</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-3848">CVE-2018-3848</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-3849">CVE-2018-3849</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-25T23:40:35Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-26T00:12:33Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-25.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-25.xml
new file mode 100644
index 0000000000..6914662437
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-25.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-25">
+  <title>Mutt: Denial of service</title>
+  <synopsis>A vulnerability in Mutt could lead to a Denial of Service
+    condition.
+  </synopsis>
+  <product type="ebuild">mutt</product>
+  <announced>2021-01-26</announced>
+  <revised count="1">2021-01-26</revised>
+  <bug>765790</bug>
+  <access>remote</access>
+  <affected>
+    <package name="mail-client/mutt" auto="yes" arch="*">
+      <unaffected range="ge">2.0.4-r1</unaffected>
+      <vulnerable range="lt">2.0.4-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mutt is a small but very powerful text-based mail client.</p>
+  </background>
+  <description>
+    <p>A memory leak could occur when a crafted email message is received.</p>
+  </description>
+  <impact type="normal">
+    <p>An attacker could cause a possible Denial of Service condition.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mutt users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/mutt-2.0.4-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3181">CVE-2021-3181</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-25T23:33:22Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-26T00:13:00Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-26.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-26.xml
new file mode 100644
index 0000000000..64fbf2c1b6
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-26.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-26">
+  <title>f2fs-tools: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in f2fs-tools, the worst
+    of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">f2fs-tools</product>
+  <announced>2021-01-26</announced>
+  <revised count="1">2021-01-26</revised>
+  <bug>749318</bug>
+  <access>remote</access>
+  <affected>
+    <package name="sys-fs/f2fs-tools" auto="yes" arch="*">
+      <unaffected range="ge">1.14.0</unaffected>
+      <vulnerable range="lt">1.14.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Tools for Flash-Friendly File System (F2FS).</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in f2fs-tools. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All f2fs-tools users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-fs/f2fs-tools-1.14.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6104">CVE-2020-6104</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6105">CVE-2020-6105</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6106">CVE-2020-6106</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6107">CVE-2020-6107</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6108">CVE-2020-6108</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-01T10:45:37Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-26T00:13:26Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-27.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-27.xml
new file mode 100644
index 0000000000..776a918224
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-27.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-27">
+  <title>FreeRADIUS: Root privilege escalation</title>
+  <synopsis>Multiple vulnerabilities were discovered in Gentoo's systemd unit
+    for FreeRADIUS which could lead to root privilege escalation.
+  </synopsis>
+  <product type="ebuild">freeradius</product>
+  <announced>2021-01-26</announced>
+  <revised count="1">2021-01-26</revised>
+  <bug>630910</bug>
+  <access>local</access>
+  <affected>
+    <package name="net-dialup/freeradius" auto="yes" arch="*">
+      <unaffected range="ge">3.0.20-r1</unaffected>
+      <vulnerable range="lt">3.0.20-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>FreeRADIUS is a modular, high performance free RADIUS suite.</p>
+  </background>
+  <description>
+    <p>It was discovered that Gentoo’s FreeRADIUS systemd unit set
+      permissions on an unsafe directory on start.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A local attacker could escalate privileges.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All FreeRADIUS users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-dialup/freeradius-3.0.20-r1"
+    </code>
+  </resolution>
+  <references>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-25T21:55:08Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-26T00:13:46Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-28.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-28.xml
new file mode 100644
index 0000000000..8ba014862b
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-28.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-28">
+  <title>ncurses: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in ncurses, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">ncurses</product>
+  <announced>2021-01-26</announced>
+  <revised count="1">2021-01-26</revised>
+  <bug>698210</bug>
+  <access>remote</access>
+  <affected>
+    <package name="sys-apps/ncurses" auto="yes" arch="*">
+      <unaffected range="ge">6.2</unaffected>
+      <vulnerable range="lt">6.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>A console display library.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in ncurses. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All ncurses users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-apps/ncurses-6.2"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-17594">CVE-2019-17594</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-17595">CVE-2019-17595</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-25T17:12:09Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-26T00:14:57Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-29.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-29.xml
new file mode 100644
index 0000000000..5f2c0b02b1
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-29.xml
@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-29">
+  <title>OpenJPEG: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in OpenJPEG, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">openjpeg</product>
+  <announced>2021-01-26</announced>
+  <revised count="2">2021-01-26</revised>
+  <bug>711260</bug>
+  <bug>718918</bug>
+  <access>remote</access>
+  <affected>
+    <package name="media-libs/openjpeg" auto="yes" arch="*">
+      <unaffected range="ge" slot="2">2.4.0</unaffected>
+      <vulnerable range="lt" slot="2">2.4.0</vulnerable>
+      <vulnerable range="lt" slot="1">1.5.2-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>OpenJPEG is an open-source JPEG 2000 library.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in OpenJPEG. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All OpenJPEG 2 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-libs/openjpeg-2.4.0:2"
+    </code>
+    
+    <p>Gentoo has discontinued support OpenJPEG 1.x and any dependent packages
+      should now be using OpenJPEG 2 or have dropped support for the library.
+      We recommend that users unmerge OpenJPEG 1.x:
+    </p>
+    
+    <code>
+      # emerge --unmerge "media-libs/openjpeg:1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-21010">CVE-2018-21010</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-12973">CVE-2019-12973</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15389">CVE-2020-15389</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27814">CVE-2020-27814</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27841">CVE-2020-27841</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27842">CVE-2020-27842</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27843">CVE-2020-27843</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27844">CVE-2020-27844</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27845">CVE-2020-27845</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-25T20:17:39Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-26T02:54:20Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-30.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-30.xml
new file mode 100644
index 0000000000..0c4e07eeaa
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-30.xml
@@ -0,0 +1,151 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-30">
+  <title>Qt WebEngine: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Qt WebEngine, the worst
+    of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">qtwebengine</product>
+  <announced>2021-01-26</announced>
+  <revised count="1">2021-01-26</revised>
+  <bug>734600</bug>
+  <bug>754852</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-qt/qtwebengine" auto="yes" arch="*">
+      <unaffected range="ge">5.15.2</unaffected>
+      <vulnerable range="lt">5.15.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Library for rendering dynamic web content in Qt5 C++ and QML
+      applications.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Qt WebEngine. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Qt WebEngine users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-qt/qtwebengine-5.15.2"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15959">CVE-2020-15959</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15959">CVE-2020-15959</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15960">CVE-2020-15960</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15960">CVE-2020-15960</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15961">CVE-2020-15961</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15961">CVE-2020-15961</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15962">CVE-2020-15962</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15962">CVE-2020-15962</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15963">CVE-2020-15963</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15963">CVE-2020-15963</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15964">CVE-2020-15964</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15964">CVE-2020-15964</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15965">CVE-2020-15965</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15965">CVE-2020-15965</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15966">CVE-2020-15966</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15966">CVE-2020-15966</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15968">CVE-2020-15968</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15968">CVE-2020-15968</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15969">CVE-2020-15969</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15969">CVE-2020-15969</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15972">CVE-2020-15972</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15972">CVE-2020-15972</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15974">CVE-2020-15974</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15974">CVE-2020-15974</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15976">CVE-2020-15976</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15976">CVE-2020-15976</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15977">CVE-2020-15977</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15977">CVE-2020-15977</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15978">CVE-2020-15978</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15978">CVE-2020-15978</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15979">CVE-2020-15979</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15979">CVE-2020-15979</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15985">CVE-2020-15985</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15985">CVE-2020-15985</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15987">CVE-2020-15987</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15987">CVE-2020-15987</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15989">CVE-2020-15989</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15989">CVE-2020-15989</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15992">CVE-2020-15992</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15992">CVE-2020-15992</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16001">CVE-2020-16001</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16001">CVE-2020-16001</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16002">CVE-2020-16002</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16002">CVE-2020-16002</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16003">CVE-2020-16003</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-16003">CVE-2020-16003</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6467">CVE-2020-6467</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6467">CVE-2020-6467</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6470">CVE-2020-6470</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6470">CVE-2020-6470</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6471">CVE-2020-6471</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6471">CVE-2020-6471</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6472">CVE-2020-6472</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6473">CVE-2020-6473</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6474">CVE-2020-6474</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6475">CVE-2020-6475</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6476">CVE-2020-6476</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6480">CVE-2020-6480</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6481">CVE-2020-6481</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6482">CVE-2020-6482</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6483">CVE-2020-6483</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6486">CVE-2020-6486</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6487">CVE-2020-6487</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6489">CVE-2020-6489</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6490">CVE-2020-6490</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6506">CVE-2020-6506</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6510">CVE-2020-6510</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6511">CVE-2020-6511</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6512">CVE-2020-6512</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6513">CVE-2020-6513</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6514">CVE-2020-6514</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6518">CVE-2020-6518</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6523">CVE-2020-6523</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6524">CVE-2020-6524</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6526">CVE-2020-6526</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6529">CVE-2020-6529</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6530">CVE-2020-6530</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6531">CVE-2020-6531</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6532">CVE-2020-6532</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6533">CVE-2020-6533</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6534">CVE-2020-6534</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6535">CVE-2020-6535</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6540">CVE-2020-6540</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6541">CVE-2020-6541</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6542">CVE-2020-6542</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6543">CVE-2020-6543</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6544">CVE-2020-6544</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6545">CVE-2020-6545</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6548">CVE-2020-6548</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6549">CVE-2020-6549</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6550">CVE-2020-6550</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6551">CVE-2020-6551</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6555">CVE-2020-6555</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6557">CVE-2020-6557</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6559">CVE-2020-6559</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6561">CVE-2020-6561</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6562">CVE-2020-6562</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6569">CVE-2020-6569</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6570">CVE-2020-6570</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6571">CVE-2020-6571</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6573">CVE-2020-6573</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6575">CVE-2020-6575</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-6576">CVE-2020-6576</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-25T23:03:36Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-26T00:15:52Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-31.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-31.xml
new file mode 100644
index 0000000000..3d7dcd82f9
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-31.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-31">
+  <title>Cacti: Remote code execution</title>
+  <synopsis>A vulnerability in Cacti could lead to remote code execution.</synopsis>
+  <product type="ebuild">cacti</product>
+  <announced>2021-01-26</announced>
+  <revised count="1">2021-01-26</revised>
+  <bug>765019</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-analyzer/cacti" auto="yes" arch="*">
+      <unaffected range="ge">1.2.16-r1</unaffected>
+      <vulnerable range="lt">1.2.16-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Cacti is a complete frontend to rrdtool.</p>
+  </background>
+  <description>
+    <p>The side_id parameter in data_debug.php does not properly verify input
+      allowing SQL injection.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could possibly execute arbitrary code with the
+      privileges of the process or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Cacti users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-analyzer/cacti-1.2.16-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35701">CVE-2020-35701</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-26T00:34:29Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-26T23:38:21Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-32.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-32.xml
new file mode 100644
index 0000000000..2c1a6dd3ef
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-32.xml
@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-32">
+  <title>Mutt, NeoMutt: Information disclosure</title>
+  <synopsis>A weakness was discovered in Mutt and NeoMutt's TLS handshake
+    handling
+  </synopsis>
+  <product type="ebuild">NeoMutt</product>
+  <announced>2021-01-26</announced>
+  <revised count="1">2021-01-26</revised>
+  <bug>755833</bug>
+  <bug>755866</bug>
+  <access>remote</access>
+  <affected>
+    <package name="mail-client/mutt" auto="yes" arch="*">
+      <unaffected range="ge">2.0.2</unaffected>
+      <vulnerable range="lt">2.0.2</vulnerable>
+    </package>
+    <package name="mail-client/neomutt" auto="yes" arch="*">
+      <unaffected range="ge">20201120</unaffected>
+      <vulnerable range="lt">20201120</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mutt is a small but very powerful text-based mail client.</p>
+    
+    <p>NeoMutt is a command line mail reader (or MUA). It’s a fork of Mutt
+      with added features.
+    </p>
+  </background>
+  <description>
+    <p>A weakness in TLS handshake handling was found which may allow
+      information disclosure.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker may be able to cause information disclosure.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mutt users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/mutt-2.0.2"
+    </code>
+    
+    <p>All NeoMutt users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/neomutt-20201120"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28896">CVE-2020-28896</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-26T00:28:06Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-26T23:39:28Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-33.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-33.xml
new file mode 100644
index 0000000000..a53bfabd5c
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-33.xml
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-33">
+  <title>sudo: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in sudo, the worst of
+    which could result in privilege escalation.
+  </synopsis>
+  <product type="ebuild">sudo</product>
+  <announced>2021-01-26</announced>
+  <revised count="1">2021-01-26</revised>
+  <bug>764986</bug>
+  <bug>767364</bug>
+  <access>local</access>
+  <affected>
+    <package name="app-admin/sudo" auto="yes" arch="*">
+      <unaffected range="ge">1.9.5_p2</unaffected>
+      <vulnerable range="lt">1.9.5_p2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>sudo (su “do”) allows a system administrator to delegate authority
+      to give certain users (or groups of users) the ability to run some (or
+      all) commands as root or another user while providing an audit trail of
+      the commands and their arguments.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in sudo. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="high">
+    <p>Local users are able to gain unauthorized privileges on the system or
+      determine the existence of files.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All sudo users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-admin/sudo-1.9.5_p2"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23239">CVE-2021-23239</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23240">CVE-2021-23240</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3156">CVE-2021-3156</uri>
+    <uri link="https://www.sudo.ws/alerts/sudoedit_selinux.html">Upstream
+      advisory (CVE-2020-23240)
+    </uri>
+    <uri link="https://www.sudo.ws/alerts/unescape_overflow.html">Upstream
+      advisory (CVE-2021-3156)
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-26T22:52:21Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-26T23:40:46Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-34.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-34.xml
new file mode 100644
index 0000000000..bedeea759a
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-34.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-34">
+  <title>Telegram Desktop: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Telegram, the worst of
+    which could result in information disclosure.
+  </synopsis>
+  <product type="ebuild">telegram</product>
+  <announced>2021-01-27</announced>
+  <revised count="1">2021-01-27</revised>
+  <bug>736774</bug>
+  <bug>749288</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-im/telegram-desktop" auto="yes" arch="*">
+      <unaffected range="ge">2.4.4</unaffected>
+      <vulnerable range="lt">2.4.4</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Telegram is a messaging app with a focus on speed and security.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Telegram Desktop.
+      Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Telegram Desktop users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-im/telegram-desktop-2.4.4"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-17448">CVE-2020-17448</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25824">CVE-2020-25824</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-27T04:40:13Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-27T16:13:13Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-35.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-35.xml
new file mode 100644
index 0000000000..974a6a240e
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-35.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-35">
+  <title>phpMyAdmin: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in phpMyAdmin, allowing
+    remote attackers to conduct XSS.
+  </synopsis>
+  <product type="ebuild">phpmyadmin</product>
+  <announced>2021-01-27</announced>
+  <revised count="1">2021-01-27</revised>
+  <bug>747805</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-db/phpmyadmin" auto="yes" arch="*">
+      <unaffected range="ge" slot="4.9.6">4.9.6</unaffected>
+      <vulnerable range="lt" slot="4.9.6">4.9.6</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>phpMyAdmin is a web-based management tool for MySQL databases.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in phpMyAdmin. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All phpMyAdmin users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/phpmyadmin-4.9.6"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26934">CVE-2020-26934</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26935">CVE-2020-26935</uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-11-19T19:31:06Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-01-27T16:14:41Z">b-man</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-36.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-36.xml
new file mode 100644
index 0000000000..7b5b52d6a1
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-36.xml
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-36">
+  <title>ImageMagick: Command injection</title>
+  <synopsis>A vulnerability in ImageMagick's handling of PDF was discovered
+    possibly allowing code execution.
+  </synopsis>
+  <product type="ebuild">imagemagick</product>
+  <announced>2021-01-29</announced>
+  <revised count="1">2021-01-29</revised>
+  <bug>756829</bug>
+  <access>remote</access>
+  <affected>
+    <package name="media-gfx/imagemagick" auto="yes" arch="*">
+      <unaffected range="ge">7.0.10.41-r1</unaffected>
+      <unaffected range="ge">6.9.11.41-r1</unaffected>
+      <vulnerable range="lt">7.0.10.41-r1</vulnerable>
+      <vulnerable range="lt">6.9.11.41-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>A collection of tools and libraries for many image formats.</p>
+  </background>
+  <description>
+    <p>A flaw in ImageMagick’s handling of password protected PDFs was
+      discovered.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted PDF
+      using ImageMagick possibly resulting in execution of arbitrary code with
+      the privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>Do not open untrusted PDFs.</p>
+  </workaround>
+  <resolution>
+    <p>All ImageMagick 7 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=media-gfx/imagemagick-7.0.10.41-r1"
+    </code>
+    
+    <p>All ImageMagick 6 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=media-gfx/imagemagick-6.9.11.41-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-29599">CVE-2020-29599</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-28T02:24:26Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-29T00:02:42Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-37.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-37.xml
new file mode 100644
index 0000000000..52b09f41e0
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-37.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-37">
+  <title>VLC: Buffer overflow</title>
+  <synopsis>A buffer overflow in VLC might allow remote attacker(s) to execute
+    arbitrary code.
+  </synopsis>
+  <product type="ebuild">vlc</product>
+  <announced>2021-01-29</announced>
+  <revised count="1">2021-01-29</revised>
+  <bug>765040</bug>
+  <access>remote</access>
+  <affected>
+    <package name="media-video/vlc" auto="yes" arch="*">
+      <unaffected range="ge">3.0.12.1</unaffected>
+      <vulnerable range="lt">3.0.12.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>VLC is a cross-platform media player and streaming server.</p>
+  </background>
+  <description>
+    <p>VLC was found to have a buffer overflow when handling crafted MKV files.</p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted MKV
+      file using VLC possibly resulting in execution of arbitrary code with the
+      privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All VLC users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-video/vlc-3.0.12.1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26664">CVE-2020-26664</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-28T02:32:59Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-01-29T00:04:09Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-38.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-38.xml
new file mode 100644
index 0000000000..11ca507fa1
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202101-38.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202101-38">
+  <title>NSD: Symbolic link traversal</title>
+  <synopsis>A vulnerability was discovered in NSD which could allow a local
+    attacker to cause a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">nsd</product>
+  <announced>2021-01-29</announced>
+  <revised count="1">2021-01-29</revised>
+  <bug>758977</bug>
+  <access>local</access>
+  <affected>
+    <package name="net-dns/nsd" auto="yes" arch="*">
+      <unaffected range="ge">4.3.4</unaffected>
+      <vulnerable range="lt">4.3.4</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>An authoritative only, high performance, open source name server</p>
+  </background>
+  <description>
+    <p>A local vulnerability was discovered that would allow for a local
+      symlink attack due to how NSD handles PID files.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A local attacker could cause a Denial of Service condition.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All NSD users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-dns/nsd-4.3.4"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28935">CVE-2020-28935</uri>
+    <uri link="https://www.nlnetlabs.nl/downloads/nsd/CVE-2020-28935.txt">
+      Upstream advisory
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2020-04-22T15:47:22Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-01-29T00:05:16Z">b-man</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202102-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202102-01.xml
new file mode 100644
index 0000000000..c448adf3cd
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202102-01.xml
@@ -0,0 +1,95 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202102-01">
+  <title>Mozilla Firefox: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Mozilla Firefox, the
+    worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">firefox</product>
+  <announced>2021-02-01</announced>
+  <revised count="1">2021-02-01</revised>
+  <bug>767334</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-client/firefox" auto="yes" arch="*">
+      <unaffected range="ge" slot="0/esr78">78.7.0</unaffected>
+      <unaffected range="ge">85.0</unaffected>
+      <vulnerable range="lt">85.0</vulnerable>
+    </package>
+    <package name="www-client/firefox-bin" auto="yes" arch="*">
+      <unaffected range="ge" slot="0/esr78">78.7.0</unaffected>
+      <unaffected range="ge">85.0</unaffected>
+      <vulnerable range="lt">85.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mozilla Firefox is a popular open-source web browser from the Mozilla
+      project.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Mozilla Firefox. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mozilla Firefox ESR users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-78.7.0"
+    </code>
+    
+    <p>All Mozilla Firefox ESR binary users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-bin-78.7.0"
+    </code>
+    
+    <p>All Mozilla Firefox users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-85.0"
+    </code>
+    
+    <p>All Mozilla Firefox binary users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-bin-85.0"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23953">CVE-2021-23953</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23954">CVE-2021-23954</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23955">CVE-2021-23955</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23956">CVE-2021-23956</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23958">CVE-2021-23958</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23960">CVE-2021-23960</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23961">CVE-2021-23961</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23962">CVE-2021-23962</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23963">CVE-2021-23963</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23964">CVE-2021-23964</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23965">CVE-2021-23965</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-26976">CVE-2021-26976</uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2021-03/">
+      Upstream advisory (MFSA-2021-03)
+    </uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/">
+      Upstream advisory (MFSA-2021-04)
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-27T04:40:38Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-02-01T01:39:52Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202102-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202102-02.xml
new file mode 100644
index 0000000000..69f0cc482a
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202102-02.xml
@@ -0,0 +1,71 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202102-02">
+  <title>Mozilla Thunderbird: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Mozilla Thunderbird,
+    the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">thunderbird</product>
+  <announced>2021-02-01</announced>
+  <revised count="1">2021-02-01</revised>
+  <bug>767394</bug>
+  <access>remote</access>
+  <affected>
+    <package name="mail-client/thunderbird" auto="yes" arch="*">
+      <unaffected range="ge">78.7.0</unaffected>
+      <vulnerable range="lt">78.7.0</vulnerable>
+    </package>
+    <package name="mail-client/thunderbird-bin" auto="yes" arch="*">
+      <unaffected range="ge">78.7.0</unaffected>
+      <vulnerable range="lt">78.7.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mozilla Thunderbird is a popular open-source email client from the
+      Mozilla project.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Mozilla Thunderbird.
+      Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mozilla Thunderbird users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/thunderbird-78.7.0"
+    </code>
+    
+    <p>All Mozilla Thunderbird binary users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=mail-client/thunderbird-bin-78.7.0"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15685">CVE-2020-15685</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26976">CVE-2020-26976</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23953">CVE-2021-23953</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23954">CVE-2021-23954</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23960">CVE-2021-23960</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23964">CVE-2021-23964</uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2021-05/">
+      Upstream advisory (MFSA-2021-05)
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-01-27T04:56:17Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-02-01T01:42:49Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202103-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202103-01.xml
new file mode 100644
index 0000000000..ff3d8ebd9e
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202103-01.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202103-01">
+  <title>Salt: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Salt, the worst of
+    which could allow remote attacker to execute arbitrary commands.
+  </synopsis>
+  <product type="ebuild">salt</product>
+  <announced>2021-03-31</announced>
+  <revised count="1">2021-03-31</revised>
+  <bug>767919</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="app-admin/salt" auto="yes" arch="*">
+      <unaffected range="ge">3000.8</unaffected>
+      <vulnerable range="lt">3000.8</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Salt is a fast, intelligent and scalable automation engine.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Salt. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could possibly execute arbitrary commands via
+      salt-api, cause a Denial of Service condition, bypass access restrictions
+      or disclose sensitive information.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Salt users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-admin/salt-3000.8"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28243">CVE-2020-28243</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28972">CVE-2020-28972</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35662">CVE-2020-35662</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-25281">CVE-2021-25281</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-25282">CVE-2021-25282</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-25283">CVE-2021-25283</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-25284">CVE-2021-25284</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3144">CVE-2021-3144</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3148">CVE-2021-3148</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3197">CVE-2021-3197</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-03-31T11:41:15Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-03-31T12:14:53Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202103-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202103-02.xml
new file mode 100644
index 0000000000..0dc5e402d9
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202103-02.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202103-02">
+  <title>Redis: Remote code execution</title>
+  <synopsis>A vulnerability in Redis could lead to remote code execution.</synopsis>
+  <product type="ebuild">redis</product>
+  <announced>2021-03-31</announced>
+  <revised count="1">2021-03-31</revised>
+  <bug>773328</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-db/redis" auto="yes" arch="*">
+      <unaffected range="ge">5.0.12</unaffected>
+      <unaffected range="ge">6.0.12</unaffected>
+      <vulnerable range="lt">6.0.12</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Redis is an open source (BSD licensed), in-memory data structure store,
+      used as a database, cache and message broker.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that there were a number of integer overflow issues in
+      Redis.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker, able to connect to a Redis instance, could send a
+      malicious crafted large request possibly resulting in the execution of
+      arbitrary code with the privileges of the process or a Denial of Service
+      condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Redis 5.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/redis-5.0.12"
+    </code>
+    
+    <p>All Redis 6.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/redis-6.0.12"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21309">CVE-2021-21309</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-03-31T11:56:33Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-03-31T12:15:15Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202103-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202103-03.xml
new file mode 100644
index 0000000000..2fc78d7a7b
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202103-03.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202103-03">
+  <title>OpenSSL: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in OpenSSL, the worst of
+    which could allow remote attackers to cause a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">openssl</product>
+  <announced>2021-03-31</announced>
+  <revised count="1">2021-03-31</revised>
+  <bug>769785</bug>
+  <bug>777681</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-libs/openssl" auto="yes" arch="*">
+      <unaffected range="ge">1.1.1k</unaffected>
+      <vulnerable range="lt">1.1.1k</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer
+      (SSL v2/v3) and Transport Layer Security (TLS v1/v1.1/v1.2/v1.3) as well
+      as a general purpose cryptography library.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in OpenSSL. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All OpenSSL users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-libs/openssl-1.1.1k"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23840">CVE-2021-23840</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23841">CVE-2021-23841</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3449">CVE-2021-3449</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3450">CVE-2021-3450</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-03-31T11:28:32Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-03-31T12:15:28Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202103-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202103-04.xml
new file mode 100644
index 0000000000..35516875df
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202103-04.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202103-04">
+  <title>SQLite: Remote code execution</title>
+  <synopsis>A vulnerability in SQLite could lead to remote code execution.</synopsis>
+  <product type="ebuild">sqlite</product>
+  <announced>2021-03-31</announced>
+  <revised count="1">2021-03-31</revised>
+  <bug>777990</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-db/sqlite" auto="yes" arch="*">
+      <unaffected range="ge">3.34.1</unaffected>
+      <vulnerable range="lt">3.34.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>SQLite is a C library that implements an SQL database engine.</p>
+  </background>
+  <description>
+    <p>It was discovered that SQLite incorrectly handled certain sub-queries.</p>
+  </description>
+  <impact type="high">
+    <p>A remote attacker could possibly execute arbitrary code with the
+      privileges of the process, or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All SQLite users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/sqlite-3.34.1"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20227">CVE-2021-20227</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-03-31T12:07:59Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-03-31T12:15:38Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-01.xml
new file mode 100644
index 0000000000..74237596f2
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-01.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202104-01">
+  <title>Git: User-assisted execution of arbitrary code</title>
+  <synopsis>A vulnerability has been found in Git that could allow a remote
+    attacker to execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">git</product>
+  <announced>2021-04-30</announced>
+  <revised count="1">2021-04-30</revised>
+  <bug>774678</bug>
+  <access>local</access>
+  <affected>
+    <package name="dev-vcs/git" auto="yes" arch="*">
+      <unaffected range="ge">2.26.3</unaffected>
+      <vulnerable range="lt">2.26.3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Git is a distributed version control system designed.</p>
+  </background>
+  <description>
+    <p>It was discovered that Git could be fooled into running remote code
+      during a clone on case-insensitive file systems with support for symbolic
+      links, if Git is configured globally to apply delay-capable clean/smudge
+      filters (such as Git LFS).
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to clone a specially crafted
+      repository, possibly resulting in the remote execution of arbitrary code
+      with the privileges of the user running the application.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Git users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-vcs/git-2.26.3"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21300">CVE-2021-21300</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-04-30T22:21:04Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-04-30T23:44:55Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-02.xml
new file mode 100644
index 0000000000..fc7805e8fe
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-02.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202104-02">
+  <title>X.Org X Server: Privilege escalation</title>
+  <synopsis>A vulnerability in X.Org X Server may allow users to escalate
+    privileges.
+  </synopsis>
+  <product type="ebuild">xorg-server</product>
+  <announced>2021-04-30</announced>
+  <revised count="1">2021-04-30</revised>
+  <bug>782679</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="x11-base/xorg-server" auto="yes" arch="*">
+      <unaffected range="ge">1.20.11</unaffected>
+      <vulnerable range="lt">1.20.11</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The X Window System is a graphical windowing system based on a
+      client/server model.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that X.Org X Server did not sufficiently check the
+      length of the XInput extension’s ChangeFeedbackControl request.
+    </p>
+  </description>
+  <impact type="high">
+    <p>An authorized attacker could possibly escalate privileges, or cause a
+      Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All X.Org X Server users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=x11-base/xorg-server-1.20.11"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3472">CVE-2021-3472</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-04-30T21:51:09Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-04-30T23:45:08Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-03.xml
new file mode 100644
index 0000000000..1486ced0fb
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-03.xml
@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202104-03">
+  <title>WebkitGTK+: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in WebkitGTK+, the worst
+    of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">webkit-gtk</product>
+  <announced>2021-04-30</announced>
+  <revised count="1">2021-04-30</revised>
+  <bug>770793</bug>
+  <bug>773193</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="net-libs/webkit-gtk" auto="yes" arch="*">
+      <unaffected range="ge">2.30.6</unaffected>
+      <vulnerable range="lt">2.30.6</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>WebKitGTK+ is a full-featured port of the WebKit rendering engine,
+      suitable for projects requiring any kind of web integration, from hybrid
+      HTML/CSS applications to full-fledged web browsers.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in WebkitGTK+. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>An attacker, by enticing a user to visit maliciously crafted web
+      content, may be able to execute arbitrary code, violate iframe sandboxing
+      policy, access restricted ports on arbitrary servers, cause memory
+      corruption, or could cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All WebkitGTK+ users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-libs/webkit-gtk-2.30.6"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13558">CVE-2020-13558</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27918">CVE-2020-27918</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-29623">CVE-2020-29623</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-9947">CVE-2020-9947</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-1765">CVE-2021-1765</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-1789">CVE-2021-1789</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-1799">CVE-2021-1799</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-1801">CVE-2021-1801</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-1870">CVE-2021-1870</uri>
+    <uri link="https://webkitgtk.org/security/WSA-2021-0001.html">WSA-2021-0001</uri>
+    <uri link="https://webkitgtk.org/security/WSA-2021-0002.html">WSA-2021-0002</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-04-30T22:10:11Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-04-30T23:45:22Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-04.xml
new file mode 100644
index 0000000000..09f39c7237
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-04.xml
@@ -0,0 +1,84 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202104-04">
+  <title>Python: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Python, the worst of
+    which might allow attackers to access sensitive information.
+  </synopsis>
+  <product type="ebuild">python</product>
+  <announced>2021-04-30</announced>
+  <revised count="1">2021-04-30</revised>
+  <bug>770853</bug>
+  <bug>779841</bug>
+  <bug>779844</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-lang/python" auto="yes" arch="*">
+      <unaffected range="ge" slot="2.7">2.7.18_p8</unaffected>
+      <unaffected range="ge" slot="3.6">3.6.13_p1</unaffected>
+      <unaffected range="ge" slot="3.7">3.7.10_p1</unaffected>
+      <unaffected range="ge" slot="3.8">3.8.8_p1</unaffected>
+      <unaffected range="ge" slot="3.9">3.9.2_p1</unaffected>
+      <vulnerable range="lt">3.9.2_p1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Python is an interpreted, interactive, object-oriented programming
+      language.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Python. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Python 2.7 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/python-2.7.18_p8"
+    </code>
+    
+    <p>All Python 3.6 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/python-3.6.13_p1"
+    </code>
+    
+    <p>All Python 3.7 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/python-3.7.10_p1"
+    </code>
+    
+    <p>All Python 3.8 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/python-3.8.8_p1"
+    </code>
+    
+    <p>All Python 3.9 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/python-3.9.2_p1"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23336">CVE-2021-23336</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3426">CVE-2021-3426</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-04-30T23:29:13Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-04-30T23:45:38Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-05.xml
new file mode 100644
index 0000000000..9f9c0ce72f
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-05.xml
@@ -0,0 +1,70 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202104-05">
+  <title>GRUB: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in GRUB, the worst might
+    allow for circumvention of UEFI Secure Boot.
+  </synopsis>
+  <product type="ebuild">grub</product>
+  <announced>2021-04-30</announced>
+  <revised count="1">2021-04-30</revised>
+  <bug>734654</bug>
+  <bug>773991</bug>
+  <access>local</access>
+  <affected>
+    <package name="sys-devel/grub" auto="yes" arch="*">
+      <unaffected range="ge">2.06_rc1</unaffected>
+      <vulnerable range="lt">2.06_rc1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>GNU GRUB is a multiboot boot loader used by most Linux systems.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in GRUB. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All GRUB users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-devel/grub-2.06_rc1"
+    </code>
+    
+    <p>After upgrading, make sure to run the grub-install command with options
+      appropriate for your system. See the GRUB Quick Start guide in the
+      references below for examples. Your system will be vulnerable until this
+      action is performed.
+    </p>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-10713">CVE-2020-10713</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14308">CVE-2020-14308</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14309">CVE-2020-14309</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14310">CVE-2020-14310</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14311">CVE-2020-14311</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14372">CVE-2020-14372</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15705">CVE-2020-15705</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15706">CVE-2020-15706</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15707">CVE-2020-15707</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25632">CVE-2020-25632</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25647">CVE-2020-25647</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27749">CVE-2020-27749</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27779">CVE-2020-27779</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20225">CVE-2021-20225</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20233">CVE-2021-20233</uri>
+    <uri link="https://wiki.gentoo.org/wiki/GRUB2_Quick_Start">GRUB Quick Start
+      guide 
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-04-30T23:17:40Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-04-30T23:45:51Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-06.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-06.xml
new file mode 100644
index 0000000000..ec8e0eaa69
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-06.xml
@@ -0,0 +1,56 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202104-06">
+  <title>libTIFF: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in LibTIFF, the worst of
+    which could result in the execution of arbitrary code.
+  </synopsis>
+  <product type="ebuild">libtiff</product>
+  <announced>2021-04-30</announced>
+  <revised count="1">2021-04-30</revised>
+  <bug>775125</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="media-libs/tiff" auto="yes" arch="*">
+      <unaffected range="ge">4.2.0</unaffected>
+      <vulnerable range="lt">4.2.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The TIFF library contains encoding and decoding routines for the Tag
+      Image File Format. It is called by numerous programs, including GNOME and
+      KDE applications, to interpret TIFF images.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in LibTIFF. Please review
+      the referenced CVE identifiers for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker, by enticing the user to process a specially crafted
+      TIFF file, could possibly execute arbitrary code with the privileges of
+      the process, or cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All LibTIFF users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-libs/tiff-4.2.0"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35521">CVE-2020-35521</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35522">CVE-2020-35522</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35523">CVE-2020-35523</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35524">CVE-2020-35524</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-04-30T23:10:58Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-04-30T23:46:04Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-07.xml
new file mode 100644
index 0000000000..31900cf33c
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-07.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202104-07">
+  <title>ClamAV: Denial of service</title>
+  <synopsis>A vulnerability in ClamAV could lead to a Denial of Service
+    condition.
+  </synopsis>
+  <product type="ebuild">clamav</product>
+  <announced>2021-04-30</announced>
+  <revised count="1">2021-04-30</revised>
+  <bug>780894</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="app-antivirus/clamav" auto="yes" arch="*">
+      <unaffected range="ge">0.103.2</unaffected>
+      <vulnerable range="lt">0.103.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>ClamAV is a GPL virus scanner.</p>
+  </background>
+  <description>
+    <p>A vulnerability has been discovered in ClamAV. Please review the CVE
+      identifier referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker could cause ClamAV to scan a specially crafted file,
+      possibly resulting a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All ClamAV users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-antivirus/clamav-0.103.2"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-1405">CVE-2021-1405</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-04-30T23:40:37Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-04-30T23:46:17Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-08.xml
new file mode 100644
index 0000000000..8fca53ce6b
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-08.xml
@@ -0,0 +1,163 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202104-08">
+  <title>Chromium, Google Chrome: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Chromium and Google
+    Chrome, the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">chromium,google-chrome</product>
+  <announced>2021-04-30</announced>
+  <revised count="1">2021-04-30</revised>
+  <bug>768459</bug>
+  <bug>768831</bug>
+  <bug>771012</bug>
+  <bug>774015</bug>
+  <bug>776181</bug>
+  <bug>779493</bug>
+  <bug>782802</bug>
+  <bug>782970</bug>
+  <bug>784554</bug>
+  <bug>785889</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="www-client/chromium" auto="yes" arch="*">
+      <unaffected range="ge">90.0.4430.93</unaffected>
+      <vulnerable range="lt">90.0.4430.93</vulnerable>
+    </package>
+    <package name="www-client/google-chrome" auto="yes" arch="*">
+      <unaffected range="ge">90.0.4430.93</unaffected>
+      <vulnerable range="lt">90.0.4430.93</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Chromium is an open-source browser project that aims to build a safer,
+      faster, and more stable way for all users to experience the web.
+    </p>
+    
+    <p>Google Chrome is one fast, simple, and secure browser for all your
+      devices.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Chromium and Google
+      Chrome. Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Chromium users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/chromium-90.0.4430.93"
+    </code>
+    
+    <p>All Google Chrome users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/google-chrome-90.0.4430.93"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21142">CVE-2021-21142</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21143">CVE-2021-21143</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21144">CVE-2021-21144</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21145">CVE-2021-21145</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21146">CVE-2021-21146</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21147">CVE-2021-21147</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21148">CVE-2021-21148</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21149">CVE-2021-21149</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21150">CVE-2021-21150</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21151">CVE-2021-21151</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21152">CVE-2021-21152</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21153">CVE-2021-21153</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21154">CVE-2021-21154</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21155">CVE-2021-21155</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21156">CVE-2021-21156</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21157">CVE-2021-21157</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21159">CVE-2021-21159</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21160">CVE-2021-21160</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21161">CVE-2021-21161</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21162">CVE-2021-21162</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21163">CVE-2021-21163</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21165">CVE-2021-21165</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21166">CVE-2021-21166</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21167">CVE-2021-21167</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21168">CVE-2021-21168</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21169">CVE-2021-21169</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21170">CVE-2021-21170</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21171">CVE-2021-21171</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21172">CVE-2021-21172</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21173">CVE-2021-21173</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21174">CVE-2021-21174</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21175">CVE-2021-21175</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21176">CVE-2021-21176</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21177">CVE-2021-21177</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21178">CVE-2021-21178</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21179">CVE-2021-21179</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21180">CVE-2021-21180</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21181">CVE-2021-21181</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21182">CVE-2021-21182</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21183">CVE-2021-21183</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21184">CVE-2021-21184</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21185">CVE-2021-21185</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21186">CVE-2021-21186</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21187">CVE-2021-21187</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21188">CVE-2021-21188</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21189">CVE-2021-21189</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2119">CVE-2021-2119</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21191">CVE-2021-21191</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21192">CVE-2021-21192</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21193">CVE-2021-21193</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21194">CVE-2021-21194</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21195">CVE-2021-21195</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21196">CVE-2021-21196</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21197">CVE-2021-21197</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21198">CVE-2021-21198</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21199">CVE-2021-21199</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21201">CVE-2021-21201</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21202">CVE-2021-21202</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21203">CVE-2021-21203</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21204">CVE-2021-21204</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21205">CVE-2021-21205</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21206">CVE-2021-21206</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21207">CVE-2021-21207</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21208">CVE-2021-21208</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21209">CVE-2021-21209</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21210">CVE-2021-21210</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21211">CVE-2021-21211</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21212">CVE-2021-21212</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21213">CVE-2021-21213</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21214">CVE-2021-21214</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21215">CVE-2021-21215</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21216">CVE-2021-21216</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21217">CVE-2021-21217</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21218">CVE-2021-21218</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21219">CVE-2021-21219</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21220">CVE-2021-21220</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21221">CVE-2021-21221</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21222">CVE-2021-21222</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21223">CVE-2021-21223</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21224">CVE-2021-21224</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21225">CVE-2021-21225</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21226">CVE-2021-21226</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21227">CVE-2021-21227</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21228">CVE-2021-21228</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21229">CVE-2021-21229</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21230">CVE-2021-21230</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21231">CVE-2021-21231</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21232">CVE-2021-21232</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21233">CVE-2021-21233</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-04-30T23:06:01Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-04-30T23:46:30Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-09.xml
new file mode 100644
index 0000000000..079925cdc2
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-09.xml
@@ -0,0 +1,90 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202104-09">
+  <title>Mozilla Thunderbird: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Mozilla Thunderbird,
+    the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">thunderbird</product>
+  <announced>2021-04-30</announced>
+  <revised count="1">2021-04-30</revised>
+  <bug>772287</bug>
+  <bug>778272</bug>
+  <bug>784578</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="mail-client/thunderbird" auto="yes" arch="*">
+      <unaffected range="ge">78.10.0</unaffected>
+      <vulnerable range="lt">78.10.0</vulnerable>
+    </package>
+    <package name="mail-client/thunderbird-bin" auto="yes" arch="*">
+      <unaffected range="ge">78.10.0</unaffected>
+      <vulnerable range="lt">78.10.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mozilla Thunderbird is a popular open-source email client from the
+      Mozilla project.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Mozilla Thunderbird.
+      Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mozilla Thunderbird users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/thunderbird-78.10.0"
+    </code>
+    
+    <p>All Mozilla Thunderbird binary users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=mail-client/thunderbird-bin-78.10.0"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23961">CVE-2021-23961</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23968">CVE-2021-23968</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23969">CVE-2021-23969</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23973">CVE-2021-23973</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23978">CVE-2021-23978</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23981">CVE-2021-23981</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23982">CVE-2021-23982</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23984">CVE-2021-23984</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23987">CVE-2021-23987</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23994">CVE-2021-23994</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23995">CVE-2021-23995</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23998">CVE-2021-23998</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23999">CVE-2021-23999</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-24002">CVE-2021-24002</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29945">CVE-2021-29945</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29946">CVE-2021-29946</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29948">CVE-2021-29948</uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2021-09/">
+      MFSA-2021-09
+    </uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2021-12/">
+      MFSA-2021-12
+    </uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2021-14/">
+      MFSA-2021-14
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-04-30T22:33:39Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-04-30T23:46:41Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-10.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-10.xml
new file mode 100644
index 0000000000..02a76e567b
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202104-10.xml
@@ -0,0 +1,115 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202104-10">
+  <title>Mozilla Firefox: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Mozilla Firefox, the
+    worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">firefox</product>
+  <announced>2021-04-30</announced>
+  <revised count="1">2021-04-30</revised>
+  <bug>772305</bug>
+  <bug>778269</bug>
+  <bug>784572</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="www-client/firefox" auto="yes" arch="*">
+      <unaffected range="ge" slot="0/esr78">78.10.0</unaffected>
+      <unaffected range="ge">88.0</unaffected>
+      <vulnerable range="lt">88.0</vulnerable>
+    </package>
+    <package name="www-client/firefox-bin" auto="yes" arch="*">
+      <unaffected range="ge" slot="0/esr78">78.10.0</unaffected>
+      <unaffected range="ge">88.0</unaffected>
+      <vulnerable range="lt">88.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mozilla Firefox is a popular open-source web browser from the Mozilla
+      project.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Mozilla Firefox. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mozilla Firefox ESR users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-78.10.0"
+    </code>
+    
+    <p>All Mozilla Firefox ESR binary users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-bin-78.10.0"
+    </code>
+    
+    <p>All Mozilla Firefox users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-88.0"
+    </code>
+    
+    <p>All Mozilla Firefox binary users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-bin-88.0"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23961">CVE-2021-23961</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23968">CVE-2021-23968</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23969">CVE-2021-23969</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23970">CVE-2021-23970</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23971">CVE-2021-23971</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23972">CVE-2021-23972</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23973">CVE-2021-23973</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23974">CVE-2021-23974</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23975">CVE-2021-23975</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23976">CVE-2021-23976</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23977">CVE-2021-23977</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23978">CVE-2021-23978</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23981">CVE-2021-23981</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23982">CVE-2021-23982</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23983">CVE-2021-23983</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23984">CVE-2021-23984</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23985">CVE-2021-23985</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23986">CVE-2021-23986</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23987">CVE-2021-23987</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23988">CVE-2021-23988</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23994">CVE-2021-23994</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23995">CVE-2021-23995</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23998">CVE-2021-23998</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23999">CVE-2021-23999</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-24002">CVE-2021-24002</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29945">CVE-2021-29945</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29946">CVE-2021-29946</uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2021-08/">
+      MFSA-2021-08
+    </uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2021-11/">
+      MFSA-2021-11
+    </uri>
+    <uri link="https://www.mozilla.org/en-US/security/advisories/mfsa2021-15/">
+      MFSA-2021-15
+    </uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-04-30T22:45:03Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-04-30T23:47:33Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-01.xml
new file mode 100644
index 0000000000..9d471cc9a5
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-01.xml
@@ -0,0 +1,74 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-01">
+  <title>Exim: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Exim, the worst of
+    which allows remote attackers to execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">exim</product>
+  <announced>2021-05-04</announced>
+  <revised count="1">2021-05-04</revised>
+  <bug>786945</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="mail-mta/exim" auto="yes" arch="*">
+      <unaffected range="ge">4.94.2</unaffected>
+      <vulnerable range="lt">4.94.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Exim is a message transfer agent (MTA) designed to be a a highly
+      configurable, drop-in replacement for sendmail.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Exim. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="high">
+    <p>A remote attacker, by connecting to the SMTP listener daemon, could
+      possibly execute arbitrary code with the privileges of the process or
+      cause a Denial of Service condition. Furthermore, a local attacker could
+      perform symlink attacks to overwrite arbitrary files with the privileges
+      of the user running the application or escalate privileges.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Exim users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-mta/exim-4.94.2"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28007">CVE-2020-28007</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28008">CVE-2020-28008</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28009">CVE-2020-28009</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28010">CVE-2020-28010</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28011">CVE-2020-28011</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28012">CVE-2020-28012</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28013">CVE-2020-28013</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28014">CVE-2020-28014</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28015">CVE-2020-28015</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28016">CVE-2020-28016</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28017">CVE-2020-28017</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28018">CVE-2020-28018</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28019">CVE-2020-28019</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28020">CVE-2020-28020</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28021">CVE-2020-28021</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28022">CVE-2020-28022</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28023">CVE-2020-28023</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28024">CVE-2020-28024</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28025">CVE-2020-28025</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28026">CVE-2020-28026</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-27216">CVE-2021-27216</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-04T18:26:25Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-04T19:29:15Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-02.xml
new file mode 100644
index 0000000000..6033d07325
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-02.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-02">
+  <title>stunnel: Improper certificate validation</title>
+  <synopsis>Stunnel was not properly verifying TLS certificates, possibly
+    allowing an integrity/confidentiality compromise.
+  </synopsis>
+  <product type="ebuild">stunnel</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>772146</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="net-misc/stunnel" auto="yes" arch="*">
+      <unaffected range="ge">5.58</unaffected>
+      <vulnerable range="lt">5.58</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The stunnel program is designed to work as an SSL/TLS encryption wrapper
+      between a client and a local or remote server.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that stunnel did not correctly verified the client
+      certificate when options “redirect” and “verifyChain” are used.
+    </p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker could send a specially crafted certificate, possibly
+      resulting in a breach of integrity or confidentiality.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All stunnel users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-misc/stunnel-5.58"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20230">CVE-2021-20230</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T22:51:07Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T07:44:01Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-03.xml
new file mode 100644
index 0000000000..f866dd0624
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-03.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-03">
+  <title>GPT fdisk: Integer underflow</title>
+  <synopsis>An integer underflow in sgdisk from GPT fdisk package might allow
+    local attacker(s) to escalate privileges.
+  </synopsis>
+  <product type="ebuild">gptfdisk</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>768762</bug>
+  <access>local</access>
+  <affected>
+    <package name="sys-apps/gptfdisk" auto="yes" arch="*">
+      <unaffected range="ge">1.0.6</unaffected>
+      <vulnerable range="lt">1.0.6</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>GPT fdisk (consisting of the gdisk, cgdisk, sgdisk, and fixparts
+      programs) is a set of text-mode partitioning tools for Linux, FreeBSD,
+      Mac OS X, and Windows.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that ReadLogicalParts() function in basicmbr.cc was
+      missing a bounds check.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A local attacker could entice a user to insert a malicious formatted
+      block device (USB stick or SD card for example), that, when processed
+      with sgdisk, possibly resulting in local escalation of privileges or a
+      Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All GPT fdisk users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-apps/gptfdisk-1.0.6"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-0308">CVE-2021-0308</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T22:34:12Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T07:45:07Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-04.xml
new file mode 100644
index 0000000000..6c92bcfc9a
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-04.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-04">
+  <title>Boost: Buffer overflow</title>
+  <synopsis>A buffer overflow in Boost might allow remote attacker(s) to
+    execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">boost</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>620468</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-libs/boost" auto="yes" arch="*">
+      <unaffected range="ge">1.74.0-r2</unaffected>
+      <vulnerable range="lt">1.74.0-r2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Boost is a set of C++ libraries, including the Boost.Regex library to
+      process regular expressions.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that Boost incorrectly sanitized ‘next_size’ and
+      ‘max_size’ parameter in ordered_malloc() function when allocating
+      memory.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could provide a specially crafted application-specific
+      file (requiring runtime memory allocation to be processed correctly),
+      that, when opened with an application using Boost C++ source libraries,
+      possibly resulting in execution of arbitrary code with the privileges of
+      the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Boost users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-libs/boost-1.74.0-r2"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2012-2677">CVE-2012-2677</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T22:14:01Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T07:45:40Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-05.xml
new file mode 100644
index 0000000000..1473c2d892
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-05.xml
@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-05">
+  <title>Mutt, NeoMutt: Denial of service</title>
+  <synopsis>A vulnerability in Mutt and NeoMutt could lead to a Denial of
+    Service condition.
+  </synopsis>
+  <product type="ebuild">mutt,neomutt</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>788388</bug>
+  <bug>788391</bug>
+  <access>remote</access>
+  <affected>
+    <package name="mail-client/mutt" auto="yes" arch="*">
+      <unaffected range="ge">2.0.7</unaffected>
+      <vulnerable range="lt">2.0.7</vulnerable>
+    </package>
+    <package name="mail-client/neomutt" auto="yes" arch="*">
+      <unaffected range="ge">20210205-r1</unaffected>
+      <vulnerable range="lt">20210205-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mutt is a small but very powerful text-based mail client.</p>
+    
+    <p>NeoMutt is a command line mail reader (or MUA). It’s a fork of Mutt
+      with added features.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that Mutt, and NeoMutt did not properly handle certain
+      situations where an IMAP sequence set ends with a comma.
+    </p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker could entice a user to connect to a malicious IMAP
+      server to cause a Denial of Service condition, or other unspecified
+      impacts.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mutt users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/mutt-2.0.7"
+    </code>
+    
+    <p>All NeoMutt users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-client/neomutt-20210205-r1"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-32055">CVE-2021-32055</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T22:00:56Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T07:46:31Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-06.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-06.xml
new file mode 100644
index 0000000000..84a6f01bc2
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-06.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-06">
+  <title>Smarty: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities in the Smarty template engine might allow
+    remote attackers to execute arbitrary PHP code.
+  </synopsis>
+  <product type="ebuild">smarty</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>772206</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-php/smarty" auto="yes" arch="*">
+      <unaffected range="ge">3.1.39</unaffected>
+      <vulnerable range="lt">3.1.39</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Smarty is a template engine for PHP.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Smarty template engine.
+      Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Smarty template engine users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-php/smarty-3.1.39"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-26119">CVE-2021-26119</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-26120">CVE-2021-26120</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T21:28:37Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T07:46:47Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-07.xml
new file mode 100644
index 0000000000..500983dbb9
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-07.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-07">
+  <title>Telegram: Security bypass</title>
+  <synopsis>An insufficient session expiration has been reported in Telegram.</synopsis>
+  <product type="ebuild">telegram</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>771684</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-im/telegram-desktop" auto="yes" arch="*">
+      <unaffected range="ge">2.4.11</unaffected>
+      <vulnerable range="lt">2.4.11</vulnerable>
+    </package>
+    <package name="net-im/telegram-desktop-bin" auto="yes" arch="*">
+      <unaffected range="ge">2.4.11</unaffected>
+      <vulnerable range="lt">2.4.11</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Telegram is a cloud-based mobile and desktop messaging app with a focus
+      on security and speed.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that Telegram failed to invalidate a recently active
+      session.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Telegram users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-im/telegram-desktop-2.4.11"
+    </code>
+    
+    <p>All Telegram binary users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=net-im/telegram-desktop-bin-2.4.11"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-27351">CVE-2021-27351</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T20:11:43Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T08:12:28Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-08.xml
new file mode 100644
index 0000000000..72e5c50007
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-08.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-08">
+  <title>ICU: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in ICU, the worst of which
+    could cause a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">icu</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>755704</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-libs/icu" auto="yes" arch="*">
+      <unaffected range="ge">68.2</unaffected>
+      <vulnerable range="lt">68.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>ICU is a mature, widely used set of C/C++ and Java libraries providing
+      Unicode and Globalization support for software applications.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in ICU. Please review the
+      upstream bugs referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Remote attackers could cause a Denial of Service condition or possibly
+      have other unspecified impacts via unspecified vectors.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All ICU users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-libs/icu-68.2"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://chromium-review.googlesource.com/q/Iad839ac77d487d5e1b396bcdbc29bc7cd58a7ef8">
+      Chromium Change-Id Iad839ac77d487d5e1b396bcdbc29bc7cd58a7ef8
+    </uri>
+    <uri link="https://unicode-org.atlassian.net/browse/ICU-21383">ICU-21383</uri>
+    <uri link="https://unicode-org.atlassian.net/browse/ICU-21385">ICU-21385</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T16:34:40Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T08:13:14Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-09.xml
new file mode 100644
index 0000000000..404c199976
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-09.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-09">
+  <title>BusyBox: Denial of service</title>
+  <synopsis>A vulnerability in BusyBox might allow remote attackers to cause a
+    Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">busybox</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>777255</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="sys-apps/busybox" auto="yes" arch="*">
+      <unaffected range="ge">1.32.1</unaffected>
+      <vulnerable range="lt">1.32.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>BusyBox is a set of tools for embedded systems and is a replacement for
+      GNU Coreutils.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that BusyBox mishandled the error bit on the
+      huft_build result pointer when decompressing GZIP compressed data.
+    </p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker could entice a user to open a specially crafted GZIP
+      file using BusyBox, possibly resulting in a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All BusyBox users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-apps/busybox-1.32.1"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28831">CVE-2021-28831</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-24T01:11:14Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T08:14:24Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-10.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-10.xml
new file mode 100644
index 0000000000..aa151c4e9f
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-10.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-10">
+  <title>GNOME Autoar: User-assisted execution of arbitrary code</title>
+  <synopsis>A vulnerability has been found in GNOME Autoar that could allow a
+    remote attacker to execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">gnome-autoar</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>768828</bug>
+  <bug>777126</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="app-arch/gnome-autoar" auto="yes" arch="*">
+      <unaffected range="ge">0.3.1</unaffected>
+      <vulnerable range="lt">0.3.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>GNOME Autoar provides functions and widgets for GNOME applications which
+      want to use archives as a method to transfer directories over the
+      internet.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that GNOME Autoar could extract files outside of the
+      intended directory.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted
+      archive using GNOME Autoar, possibly resulting in execution of arbitrary
+      code with the privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All GNOME Autoar users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-arch/gnome-autoar-0.3.1"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-36241">CVE-2020-36241</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28650">CVE-2021-28650</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T21:19:21Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T08:14:43Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-11.xml
new file mode 100644
index 0000000000..548f498d4d
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-11.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-11">
+  <title>GNU Screen: User-assisted execution of arbitrary code</title>
+  <synopsis>A vulnerability in GNU screen may allow a remote attacker to
+    execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">screen</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>769770</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="app-misc/screen" auto="yes" arch="*">
+      <unaffected range="ge">4.8.0-r2</unaffected>
+      <vulnerable range="lt">4.8.0-r2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>GNU Screen is a full-screen window manager that multiplexes a physical
+      terminal between several processes, typically interactive shells.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that GNU screen did not properly handle certain UTF-8
+      character sequences.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to run a program where attacker
+      controls the output inside a GNU screen session, possibly resulting in
+      execution of arbitrary code with the privileges of the process or a
+      Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>This vulnerability can be mitigated by disabling UTF-8 processing in
+      .screenrc.
+    </p>
+  </workaround>
+  <resolution>
+    <p>All GNU screen users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-misc/screen-4.8.0-r2"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-26937">CVE-2021-26937</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T21:07:51Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T08:14:58Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-12.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-12.xml
new file mode 100644
index 0000000000..ad904d7afd
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-12.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-12">
+  <title>OpenSMTPD: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in OpenSMTPD, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">opensmtpd</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>761945</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="mail-mta/opensmtpd" auto="yes" arch="*">
+      <unaffected range="ge">6.8.0_p2</unaffected>
+      <vulnerable range="lt">6.8.0_p2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>OpenSMTPD is a lightweight but featured SMTP daemon from OpenBSD.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in OpenSMTPD. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker, by connecting to the SMTP listener daemon, could
+      possibly cause a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All OpenSMTPD users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-mta/opensmtpd-6.8.0_p2"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35679">CVE-2020-35679</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35680">CVE-2020-35680</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T20:46:15Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T08:15:16Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-13.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-13.xml
new file mode 100644
index 0000000000..6638a5a6dd
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-13.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-13">
+  <title>Mumble: User-assisted execution of arbitrary code</title>
+  <synopsis>A vulnerability has been found in Mumble that could allow a remote
+    attacker to execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">mumble</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>770973</bug>
+  <access>remote</access>
+  <affected>
+    <package name="media-sound/mumble" auto="yes" arch="*">
+      <unaffected range="ge">1.3.4</unaffected>
+      <vulnerable range="lt">1.3.4</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mumble is low-latency voice chat software intended for use with gaming.</p>
+  </background>
+  <description>
+    <p>Please review the CVE identifiers referenced below for details.</p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted server
+      list (web page) using Mumble, possibly resulting in execution of
+      arbitrary code with the privileges of the process or a Denial of Service
+      condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mumble users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-sound/mumble-1.3.4"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-27229">CVE-2021-27229</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T20:52:52Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T08:36:32Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-14.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-14.xml
new file mode 100644
index 0000000000..2469e2a8a6
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-14.xml
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-14">
+  <title>Squid: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Squid, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">squid</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>775194</bug>
+  <bug>789309</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-proxy/squid" auto="yes" arch="*">
+      <unaffected range="ge">4.15</unaffected>
+      <vulnerable range="lt">4.15</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Squid is a full-featured Web proxy cache designed to run on Unix
+      systems. It supports proxying and caching of HTTP, FTP, and other URLs,
+      as well as SSL support, cache hierarchies, transparent caching, access
+      control lists and many other features.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Squid. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could send a specially crafted request, possibly
+      resulting in a Denial of Service condition or information leak.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Squid users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-proxy/squid-4.15"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25097">CVE-2020-25097</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28116">CVE-2021-28116</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28651">CVE-2021-28651</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28652">CVE-2021-28652</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28662">CVE-2021-28662</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-31806">CVE-2021-31806</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-31807">CVE-2021-31807</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-31808">CVE-2021-31808</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-24T16:14:31Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T08:37:04Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-15.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-15.xml
new file mode 100644
index 0000000000..5f2b4e50cd
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-15.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-15">
+  <title>Prosŏdy IM: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Prosŏdy IM, the worst
+    of which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">prosody</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>771144</bug>
+  <bug>789969</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-im/prosody" auto="yes" arch="*">
+      <unaffected range="ge">0.11.9</unaffected>
+      <vulnerable range="lt">0.11.9</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Prosŏdy IM is a modern XMPP communication server. It aims to be easy to
+      set up and configure, and efficient with system resources.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Prosŏdy IM. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Prosŏdy IM users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-im/prosody-0.11.9"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-32917">CVE-2021-32917</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-32918">CVE-2021-32918</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-32919">CVE-2021-32919</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-32920">CVE-2021-32920</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-32921">CVE-2021-32921</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-24T16:08:26Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T08:37:19Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-16.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-16.xml
new file mode 100644
index 0000000000..7d7d41ac76
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-16.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-16">
+  <title>X.Org X11 library: Denial of service</title>
+  <synopsis>A vulnerability in X.Org X11 library could lead to a Denial of
+    Service condition.
+  </synopsis>
+  <product type="ebuild">libx11</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>790824</bug>
+  <access>remote</access>
+  <affected>
+    <package name="x11-libs/libX11" auto="yes" arch="*">
+      <unaffected range="ge">1.7.1</unaffected>
+      <vulnerable range="lt">1.7.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>X.Org is an implementation of the X Window System. The X.Org X11 library
+      provides the X11 protocol library files.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that XLookupColor() and other X.Org X11 library
+      functions lacked proper validation of the length of their string
+      parameters.
+    </p>
+  </description>
+  <impact type="low">
+    <p>An attacker could emit arbitrary X protocol requests to the X server
+      through malicious crafted string parameters in applications linked
+      against X.Org X11 library.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All X.Org X11 library users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=x11-libs/libX11-1.7.1"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-31535">CVE-2021-31535</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-24T15:55:58Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T08:37:54Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-17.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-17.xml
new file mode 100644
index 0000000000..17d191c8e5
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-17.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-17">
+  <title>rxvt-unicode: User-assisted execution of arbitrary code</title>
+  <synopsis>A vulnerability in rxvt-unicode may allow a remote attacker to
+    execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">rxvt-unicode</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>790782</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="x11-terms/rxvt-unicode" auto="yes" arch="*">
+      <unaffected range="ge">9.22-r9</unaffected>
+      <vulnerable range="lt">9.22-r9</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>rxvt-unicode (urxvt) is a clone of the rxvt terminal emulator.</p>
+  </background>
+  <description>
+    <p>It was discovered that rxvt-unicode did not properly handle certain
+      escape sequences.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to run a program where attacker
+      controls the output inside a rxvt terminal window, possibly resulting in
+      execution of arbitrary code with the privileges of the process or a
+      Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All rxvt-unicode users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=x11-terms/rxvt-unicode-9.22-r9"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-33477">CVE-2021-33477</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-24T15:13:20Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T08:38:12Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-18.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-18.xml
new file mode 100644
index 0000000000..4e7c5707c1
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-18.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-18">
+  <title>LittleCMS: User-assisted execution of arbitrary code</title>
+  <synopsis>A heap-based buffer overflow in LittleCMS might allow remote
+    attackers to execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">lcms</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>761418</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="media-libs/lcms" auto="yes" arch="*">
+      <unaffected range="ge">2.10</unaffected>
+      <vulnerable range="lt">2.10</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>LittleCMS, or short lcms, is a color management system for working with
+      ICC profiles. It is used by many applications including GIMP, Firefox and
+      Chromium.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that LittleCMS (aka Little Color Management System)
+      had an integer overflow in the AllocateDataSet function in cmscgats.c.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user or automated system to open a
+      specially crafted file containing malicious color data, possibly
+      resulting in execution of arbitrary code with the privileges of the
+      process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All LittleCMS users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-libs/lcms-2.10"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-16435">CVE-2018-16435</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-24T14:14:12Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T08:38:28Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-19.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-19.xml
new file mode 100644
index 0000000000..79e89f0c9f
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-19.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-19">
+  <title>Firejail: Privilege escalation</title>
+  <synopsis>A vulnerability was discovered in Firejail which may allow local
+    attackers to gain root privileges.
+  </synopsis>
+  <product type="ebuild">firejail</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>769542</bug>
+  <access>local</access>
+  <affected>
+    <package name="sys-apps/firejail" auto="yes" arch="*">
+      <unaffected range="ge">0.9.64.4</unaffected>
+      <vulnerable range="lt">0.9.64.4</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>A SUID program that reduces the risk of security breaches by restricting
+      the running environment of untrusted applications using Linux namespaces
+      and seccomp-bpf.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that a flaw in Firejail’s OverlayFS code allowed
+      restricted programs to escape sandbox.
+    </p>
+  </description>
+  <impact type="high">
+    <p>A local attacker could obtain arbitrary file system access via an
+      application running within a Firejail sandbox, possibly resulting in
+      privilege escalation.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Firejail users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-apps/firejail-0.9.64.4"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-26910">CVE-2021-26910</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T20:22:19Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T08:38:46Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-20.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-20.xml
new file mode 100644
index 0000000000..359b42aa37
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-20.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-20">
+  <title>Dnsmasq: DNS cache poisoning</title>
+  <synopsis>Use of insufficient randomness in Dnsmasq might lead to DNS Cache
+    Poisoning.
+  </synopsis>
+  <product type="ebuild">dnsmasq</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>782130</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="net-dns/dnsmasq" auto="yes" arch="*">
+      <unaffected range="ge">2.85</unaffected>
+      <vulnerable range="lt">2.85</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Dnsmasq is a lightweight and easily-configurable DNS forwarder and DHCP
+      server.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that Dnsmasq, when configured with
+      --server=&lt;address&gt;@<interface> or similar (e.g. through dbus),
+        configured a fixed UDP port for all outgoing queries to the specified
+        upstream DNS server.
+      </interface>
+    </p>
+  </description>
+  <impact type="low">
+    <p>An attacker, by sending malicious crafted DNS responses, could perform a
+      DNS Cache Poisoning attack.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Dnsmasq users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-dns/dnsmasq-2.85"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3448">CVE-2021-3448</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T13:34:22Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T08:39:11Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-21.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-21.xml
new file mode 100644
index 0000000000..899bd2ffa0
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-21.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-21">
+  <title>Tcpreplay: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Tcpreplay, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">tcpreplay</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>750344</bug>
+  <access>local</access>
+  <affected>
+    <package name="net-analyzer/tcpreplay" auto="yes" arch="*">
+      <unaffected range="ge">4.3.4</unaffected>
+      <vulnerable range="lt">4.3.4</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Tcpreplay is a suite of utilities for UNIX systems for editing and
+      replaying network traffic which was previously captured by tools like
+      tcpdump and ethereal/wireshark.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Tcpreplay. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker could entice a user to open a specially crafted
+      network capture file using Tcpreplay, possibly resulting in a Denial of
+      Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Tcpreplay users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-analyzer/tcpreplay-4.3.4"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-24265">CVE-2020-24265</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-24266">CVE-2020-24266</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T14:01:52Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T09:28:42Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-22.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-22.xml
new file mode 100644
index 0000000000..3d44f02e43
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-22.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-22">
+  <title>Samba: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Samba, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">samba</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>778026</bug>
+  <bug>786825</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="net-fs/samba" auto="yes" arch="*">
+      <unaffected range="ge">4.13.8</unaffected>
+      <vulnerable range="lt">4.13.8</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Samba is a suite of SMB and CIFS client/server programs.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Samba. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Samba users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-fs/samba-4.13.8"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27840">CVE-2020-27840</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20254">CVE-2021-20254</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20277">CVE-2021-20277</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T13:25:24Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T09:29:08Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-23.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-23.xml
new file mode 100644
index 0000000000..a763f06588
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-23.xml
@@ -0,0 +1,68 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-23">
+  <title>PHP: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in PHP, the worst of which
+    could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">php</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>764314</bug>
+  <bug>768756</bug>
+  <bug>788892</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-lang/php" auto="yes" arch="*">
+      <unaffected range="ge" slot="7.3">7.3.28</unaffected>
+      <unaffected range="ge" slot="7.4">7.4.19</unaffected>
+      <unaffected range="ge" slot="8.0">8.0.6</unaffected>
+      <vulnerable range="lt">8.0.6</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>PHP is an open source general-purpose scripting language that is
+      especially suited for web development.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in PHP. Please review the
+      CVE identifiers and bugs referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers and bugs for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All PHP 7.3.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/php-7.3.28:7.3"
+    </code>
+    
+    <p>All PHP 7.4.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/php-7.4.19:7.4"
+    </code>
+    
+    <p>All PHP 8.0.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-lang/php-8.0.6:8.0"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-7071">CVE-2020-7071</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21702">CVE-2021-21702</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T13:47:47Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T09:29:31Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-24.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-24.xml
new file mode 100644
index 0000000000..8075a96b41
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-24.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-24">
+  <title>FFmpeg: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in FFmpeg, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">ffmpeg</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>763315</bug>
+  <bug>781146</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="media-video/ffmpeg" auto="yes" arch="*">
+      <unaffected range="ge">4.4</unaffected>
+      <vulnerable range="lt">4.4</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>FFmpeg is a complete, cross-platform solution to record, convert and
+      stream audio and video.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in FFmpeg. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted media
+      file using FFmpeg, possibly resulting in execution of arbitrary code with
+      the privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All FFmpeg users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-video/ffmpeg-4.4"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35964">CVE-2020-35964</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35965">CVE-2020-35965</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30123">CVE-2021-30123</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-24T00:07:14Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T09:29:48Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-25.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-25.xml
new file mode 100644
index 0000000000..da213f1833
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-25.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-25">
+  <title>OpenVPN: Authentication bypass</title>
+  <synopsis>A vulnerability has been found in OpenVPN, allowing attackers to
+    bypass the authentication process.
+  </synopsis>
+  <product type="ebuild">openvpn</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>785115</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-vpn/openvpn" auto="yes" arch="*">
+      <unaffected range="ge">2.5.2</unaffected>
+      <vulnerable range="lt">2.5.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>OpenVPN is a multi-platform, full-featured SSL VPN solution.</p>
+  </background>
+  <description>
+    <p>It was discovered that OpenVPN incorrectly handled deferred
+      authentication.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could bypass authentication and access control channel
+      data and trigger further information leaks.
+    </p>
+  </impact>
+  <workaround>
+    <p>Configure OpenVPN server to not use deferred authentication.</p>
+  </workaround>
+  <resolution>
+    <p>All OpenVPN users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-vpn/openvpn-2.5.2"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15078">CVE-2020-15078</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-24T01:22:05Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T09:30:05Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-26.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-26.xml
new file mode 100644
index 0000000000..70c75a3efa
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-26.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-26">
+  <title>SpamAssassin: Arbitrary command execution</title>
+  <synopsis>A vulnerability in SpamAssassin might allow remote attackers to
+    execute arbitrary commands.
+  </synopsis>
+  <product type="ebuild">SpamAssassin</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>778002</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="mail-filter/spamassassin" auto="yes" arch="*">
+      <unaffected range="ge">3.4.5</unaffected>
+      <vulnerable range="lt">3.4.5</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>SpamAssassin is an extensible email filter used to identify junk email.</p>
+  </background>
+  <description>
+    <p>It was discovered that SpamAssassin incorrectly handled certain CF
+      files.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user or automated system to process a
+      specially crafted CF file using SpamAssassin, possibly resulting in
+      execution of arbitrary commands with the privileges of the process or a
+      Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All SpamAssassin users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-filter/spamassassin-3.4.5"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-1946">CVE-2020-1946</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-24T01:30:56Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T09:30:23Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-27.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-27.xml
new file mode 100644
index 0000000000..030bb9ed2a
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-27.xml
@@ -0,0 +1,247 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-27">
+  <title>MySQL: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in MySQL, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">mysql</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>699876</bug>
+  <bug>708090</bug>
+  <bug>717628</bug>
+  <bug>732974</bug>
+  <bug>766339</bug>
+  <bug>789243</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-db/mysql" auto="yes" arch="*">
+      <unaffected range="ge" slot="5.7">5.7.34</unaffected>
+      <unaffected range="ge">8.0.24</unaffected>
+      <vulnerable range="lt">8.0.24</vulnerable>
+    </package>
+    <package name="dev-db/mysql-connector-c" auto="yes" arch="*">
+      <unaffected range="ge">8.0.24</unaffected>
+      <vulnerable range="lt">8.0.24</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>MySQL is a popular multi-threaded, multi-user SQL server.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in MySQL. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>An attacker could possibly execute arbitrary code with the privileges of
+      the process, escalate privileges, gain access to critical data or
+      complete access to all MySQL server accessible data, or cause a Denial of
+      Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All MySQL users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/mysql-5.7.34"
+    </code>
+    
+    <p>All mysql users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/mysql-8.0.24"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-2938">CVE-2019-2938</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-2974">CVE-2019-2974</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14539">CVE-2020-14539</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14540">CVE-2020-14540</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14547">CVE-2020-14547</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14550">CVE-2020-14550</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14553">CVE-2020-14553</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14559">CVE-2020-14559</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14564">CVE-2020-14564</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14567">CVE-2020-14567</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14568">CVE-2020-14568</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14575">CVE-2020-14575</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14576">CVE-2020-14576</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14586">CVE-2020-14586</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14591">CVE-2020-14591</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14597">CVE-2020-14597</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14614">CVE-2020-14614</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14619">CVE-2020-14619</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14620">CVE-2020-14620</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14623">CVE-2020-14623</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14624">CVE-2020-14624</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14626">CVE-2020-14626</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14631">CVE-2020-14631</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14632">CVE-2020-14632</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14633">CVE-2020-14633</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14634">CVE-2020-14634</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14641">CVE-2020-14641</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14643">CVE-2020-14643</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14651">CVE-2020-14651</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14654">CVE-2020-14654</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14656">CVE-2020-14656</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14663">CVE-2020-14663</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14672">CVE-2020-14672</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14678">CVE-2020-14678</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14680">CVE-2020-14680</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14697">CVE-2020-14697</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14702">CVE-2020-14702</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14725">CVE-2020-14725</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14760">CVE-2020-14760</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14765">CVE-2020-14765</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14769">CVE-2020-14769</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14771">CVE-2020-14771</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14773">CVE-2020-14773</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14775">CVE-2020-14775</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14776">CVE-2020-14776</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14777">CVE-2020-14777</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14785">CVE-2020-14785</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14786">CVE-2020-14786</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14789">CVE-2020-14789</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14790">CVE-2020-14790</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14791">CVE-2020-14791</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14793">CVE-2020-14793</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14794">CVE-2020-14794</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14799">CVE-2020-14799</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14800">CVE-2020-14800</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14804">CVE-2020-14804</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14809">CVE-2020-14809</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14812">CVE-2020-14812</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14814">CVE-2020-14814</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14821">CVE-2020-14821</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14827">CVE-2020-14827</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14828">CVE-2020-14828</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14829">CVE-2020-14829</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14830">CVE-2020-14830</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14836">CVE-2020-14836</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14837">CVE-2020-14837</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14838">CVE-2020-14838</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14839">CVE-2020-14839</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14844">CVE-2020-14844</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14845">CVE-2020-14845</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14846">CVE-2020-14846</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14848">CVE-2020-14848</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14852">CVE-2020-14852</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14853">CVE-2020-14853</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14860">CVE-2020-14860</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14861">CVE-2020-14861</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14866">CVE-2020-14866</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14867">CVE-2020-14867</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14868">CVE-2020-14868</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14869">CVE-2020-14869</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14870">CVE-2020-14870</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14873">CVE-2020-14873</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14878">CVE-2020-14878</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14888">CVE-2020-14888</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14891">CVE-2020-14891</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14893">CVE-2020-14893</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2570">CVE-2020-2570</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2572">CVE-2020-2572</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2573">CVE-2020-2573</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2574">CVE-2020-2574</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2577">CVE-2020-2577</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2579">CVE-2020-2579</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2580">CVE-2020-2580</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2584">CVE-2020-2584</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2588">CVE-2020-2588</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2589">CVE-2020-2589</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2627">CVE-2020-2627</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2660">CVE-2020-2660</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2679">CVE-2020-2679</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2686">CVE-2020-2686</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2694">CVE-2020-2694</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2752">CVE-2020-2752</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2759">CVE-2020-2759</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2760">CVE-2020-2760</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2761">CVE-2020-2761</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2762">CVE-2020-2762</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2763">CVE-2020-2763</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2765">CVE-2020-2765</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2768">CVE-2020-2768</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2770">CVE-2020-2770</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2774">CVE-2020-2774</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2779">CVE-2020-2779</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2780">CVE-2020-2780</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2790">CVE-2020-2790</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2804">CVE-2020-2804</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2806">CVE-2020-2806</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2812">CVE-2020-2812</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2814">CVE-2020-2814</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2853">CVE-2020-2853</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2875">CVE-2020-2875</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2892">CVE-2020-2892</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2893">CVE-2020-2893</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2895">CVE-2020-2895</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2896">CVE-2020-2896</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2897">CVE-2020-2897</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2898">CVE-2020-2898</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2901">CVE-2020-2901</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2903">CVE-2020-2903</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2904">CVE-2020-2904</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2921">CVE-2020-2921</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2922">CVE-2020-2922</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2923">CVE-2020-2923</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2924">CVE-2020-2924</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2925">CVE-2020-2925</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2926">CVE-2020-2926</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2928">CVE-2020-2928</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2930">CVE-2020-2930</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2933">CVE-2020-2933</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-2934">CVE-2020-2934</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-1998">CVE-2021-1998</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2001">CVE-2021-2001</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2002">CVE-2021-2002</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2006">CVE-2021-2006</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2007">CVE-2021-2007</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2009">CVE-2021-2009</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2010">CVE-2021-2010</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2011">CVE-2021-2011</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2012">CVE-2021-2012</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2014">CVE-2021-2014</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2016">CVE-2021-2016</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2019">CVE-2021-2019</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2020">CVE-2021-2020</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2021">CVE-2021-2021</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2022">CVE-2021-2022</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2024">CVE-2021-2024</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2028">CVE-2021-2028</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2030">CVE-2021-2030</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2031">CVE-2021-2031</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2032">CVE-2021-2032</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2036">CVE-2021-2036</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2038">CVE-2021-2038</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2042">CVE-2021-2042</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2046">CVE-2021-2046</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2048">CVE-2021-2048</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2055">CVE-2021-2055</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2056">CVE-2021-2056</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2058">CVE-2021-2058</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2060">CVE-2021-2060</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2061">CVE-2021-2061</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2065">CVE-2021-2065</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2070">CVE-2021-2070</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2072">CVE-2021-2072</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2076">CVE-2021-2076</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2081">CVE-2021-2081</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2087">CVE-2021-2087</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2088">CVE-2021-2088</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2122">CVE-2021-2122</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2154">CVE-2021-2154</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2166">CVE-2021-2166</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2180">CVE-2021-2180</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-24T18:09:59Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T09:30:48Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-28.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-28.xml
new file mode 100644
index 0000000000..f020be9135
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-28.xml
@@ -0,0 +1,75 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-28">
+  <title>MariaDB: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in MariaDB, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">mariadb</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>777786</bug>
+  <bug>789240</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-db/mariadb" auto="yes" arch="*">
+      <unaffected range="ge" slot="10.2">10.2.38</unaffected>
+      <unaffected range="ge" slot="10.3">10.3.29</unaffected>
+      <unaffected range="ge" slot="10.4">10.4.19</unaffected>
+      <unaffected range="ge" slot="10.5">10.5.10</unaffected>
+      <vulnerable range="lt">10.5.10</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>MariaDB is an enhanced, drop-in replacement for MySQL.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in MariaDB. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All MariaDB 10.2.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/mariadb-10.2.38:10.2"
+    </code>
+    
+    <p>All MariaDB 10.3.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/mariadb-10.3.29:10.3"
+    </code>
+    
+    <p>All MariaDB 10.3.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/mariadb-10.4.19:10.4"
+    </code>
+    
+    <p>All MariaDB 10.5.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/mariadb-10.5.10:10.5"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2154">CVE-2021-2154</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2166">CVE-2021-2166</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-2180">CVE-2021-2180</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-27928">CVE-2021-27928</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T01:47:51Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T09:31:09Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-29.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-29.xml
new file mode 100644
index 0000000000..e2507b22b9
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-29.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-29">
+  <title>Tar: Denial of service</title>
+  <synopsis>A vulnerability in Tar could lead to a Denial of Service condition.</synopsis>
+  <product type="ebuild">tar</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>778548</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="app-arch/tar" auto="yes" arch="*">
+      <unaffected range="ge">1.34</unaffected>
+      <vulnerable range="lt">1.34</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The Tar program provides the ability to create and manipulate tar
+      archives.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that GNU Tar had a memory leak when processing archive
+      headers.
+    </p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker could entice a user to open a specially crafted
+      archive using Tar, possibly resulting in a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Tar users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-arch/tar-1.34"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20193">CVE-2021-20193</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-24T01:03:25Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T10:11:52Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-30.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-30.xml
new file mode 100644
index 0000000000..4cbf0070e7
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-30.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-30">
+  <title>MuPDF: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in MuPDF, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">mupdf</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>747151</bug>
+  <bug>772311</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="app-text/mupdf" auto="yes" arch="*">
+      <unaffected range="ge">1.18.0-r3</unaffected>
+      <vulnerable range="lt">1.18.0-r3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>MuPDF is a lightweight PDF viewer and toolkit written in portable C.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in MuPDF. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker could entice a user to open a specially crafted PDF
+      document using MuPDF, possibly resulting in a Denial of Service condition
+      or have other unspecified impact.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All MuPDF users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-text/mupdf-1.18.0-r3"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-26519">CVE-2020-26519</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3407">CVE-2021-3407</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T21:00:36Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T10:12:11Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-31.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-31.xml
new file mode 100644
index 0000000000..05d9ce89b5
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-31.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-31">
+  <title>Nettle: Denial of service</title>
+  <synopsis>A vulnerability in Nettle could lead to a Denial of Service
+    condition.
+  </synopsis>
+  <product type="ebuild">nettle</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>780483</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-libs/nettle" auto="yes" arch="*">
+      <unaffected range="ge">3.7.2</unaffected>
+      <vulnerable range="lt">3.7.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Nettle is a cryptographic library that is designed to fit easily in
+      almost any context: In cryptographic toolkits for object-oriented
+      languages, such as C++, Python, or Pike, in applications like lsh or
+      GnuPG, or even in kernel space.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that Nettle incorrectly handled signature
+      verification.
+    </p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker could send a specially crafted valid-looking input
+      signature, possibly resulting in a Denial of Service condition or force
+      an invalid signature.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Nettle users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-libs/nettle-3.7.2"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20305">CVE-2021-20305</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T20:00:54Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T10:12:28Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-32.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-32.xml
new file mode 100644
index 0000000000..44edeaa40b
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-32.xml
@@ -0,0 +1,92 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-32">
+  <title>PostgreSQL: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in PostgreSQL, the worst
+    of which could result in information disclosure.
+  </synopsis>
+  <product type="ebuild">postgresql</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>771942</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-db/postgresql" auto="yes" arch="*">
+      <unaffected range="ge" slot="9.5">9.5.25</unaffected>
+      <unaffected range="ge" slot="9.6">9.6.21</unaffected>
+      <unaffected range="ge" slot="10">10.16</unaffected>
+      <unaffected range="ge" slot="11">11.11</unaffected>
+      <unaffected range="ge" slot="12">12.6</unaffected>
+      <unaffected range="ge" slot="13">13.2</unaffected>
+      <vulnerable range="lt">13.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>PostgreSQL is an open source object-relational database management
+      system.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in PostgreSQL. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>An authenticated remote attacker, by executing malicious crafted
+      queries, could possibly disclose sensitive information.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All PostgreSQL 9.5.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/postgresql-9.5.25:9.5"
+    </code>
+    
+    <p>All PostgreSQL 9.6.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/postgresql-9.6.21:9.6"
+    </code>
+    
+    <p>All PostgreSQL 10.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/postgresql-10.16:10"
+    </code>
+    
+    <p>All PostgreSQL 11.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/postgresql-11.11:11"
+    </code>
+    
+    <p>All PostgreSQL 12.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/postgresql-12.6:12"
+    </code>
+    
+    <p>All PostgreSQL 13.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/postgresql-13.2:13"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20229">CVE-2021-20229</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3393">CVE-2021-3393</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T18:56:02Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T10:12:52Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-33.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-33.xml
new file mode 100644
index 0000000000..dddf99d669
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-33.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-33">
+  <title>containerd: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in containerd, the worst
+    of which could result in privilege escalation.
+  </synopsis>
+  <product type="ebuild">containerd</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>758137</bug>
+  <bug>775329</bug>
+  <access>local</access>
+  <affected>
+    <package name="app-emulation/containerd" auto="yes" arch="*">
+      <unaffected range="ge">1.4.4</unaffected>
+      <vulnerable range="lt">1.4.4</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Containerd is a daemon with an API and a command line client, to manage
+      containers on one machine. It uses runC to run containers according to
+      the OCI specification.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in containerd. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="high">
+    <p>A local attacker, able to run a malicious container in the same network
+      namespace as the shim, could possibly escalate privileges. Furthermore,
+      an attacker could disclose sensitive information.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All containerd users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-emulation/containerd-1.4.4"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15257">CVE-2020-15257</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21334">CVE-2021-21334</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T19:40:34Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T10:13:09Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-34.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-34.xml
new file mode 100644
index 0000000000..31c7e3ef70
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-34.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-34">
+  <title>Bash: Privilege escalation</title>
+  <synopsis>A vulnerability in Bash may allow users to escalate privileges.</synopsis>
+  <product type="ebuild">bash</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>702488</bug>
+  <access>local</access>
+  <affected>
+    <package name="app-shells/bash" auto="yes" arch="*">
+      <unaffected range="ge">5.0_p11-r1</unaffected>
+      <vulnerable range="lt">5.0_p11-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Bash is the standard GNU Bourne Again SHell.</p>
+  </background>
+  <description>
+    <p>It was discovered that Bash incorrectly dropped privileges by setting
+      its effective UID to its real UID.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A local attacker could possibly escalate privileges.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Bash users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-shells/bash-5.0_p11-r1"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-18276">CVE-2019-18276</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T19:22:45Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T10:13:27Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-35.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-35.xml
new file mode 100644
index 0000000000..33ff95b8cb
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-35.xml
@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-35">
+  <title>OpenSSH: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in OpenSSH, the worst of
+    which could allow a remote attacker to execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">openssh</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>763048</bug>
+  <bug>774090</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="net-misc/openssh" auto="yes" arch="*">
+      <unaffected range="ge">8.5_p1</unaffected>
+      <vulnerable range="lt">8.5_p1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>OpenSSH is a complete SSH protocol implementation that includes SFTP
+      client and server support.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in OpenSSH. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker, able to access the socket of the forwarding agent,
+      might be able to execute arbitrary code with the privileges of the
+      process or cause a Denial of Service condition.
+      Furthermore, a remote attacker might conduct a man-in-the-middle attack
+      targeting initial connection attempts where no host key for the server
+      has been cached by client yet.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All OpenSSH users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-misc/openssh-8.5_p1"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14145">CVE-2020-14145</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28041">CVE-2021-28041</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-24T00:47:38Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T10:35:06Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-36.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-36.xml
new file mode 100644
index 0000000000..2183956951
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-36.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-36">
+  <title>cURL: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in cURL, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">curl</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>779535</bug>
+  <bug>792192</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="net-misc/curl" auto="yes" arch="*">
+      <unaffected range="ge">7.77.0</unaffected>
+      <vulnerable range="lt">7.77.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>A command line tool and library for transferring data with URLs.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in cURL. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="high">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All cURL users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-misc/curl-7.77.0"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-22876">CVE-2021-22876</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-22890">CVE-2021-22890</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-22898">CVE-2021-22898</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-22901">CVE-2021-22901</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T01:59:03Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T12:37:53Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-37.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-37.xml
new file mode 100644
index 0000000000..207f833941
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-37.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-37">
+  <title>Nextcloud Desktop Client: User-assisted execution of arbitrary code</title>
+  <synopsis>A vulnerability in Nextcloud Desktop Client could allow a remote
+    attacker to execute arbitrary commands.
+  </synopsis>
+  <product type="ebuild">nextcloud-client</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>783531</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-misc/nextcloud-client" auto="yes" arch="*">
+      <unaffected range="ge">3.1.3</unaffected>
+      <vulnerable range="lt">3.1.3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The Nextcloud Desktop Client is a tool to synchronize files from
+      Nextcloud Server with your computer.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that Nextcloud Desktop Client did not validate URLs.</p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to connect to a malicious
+      Nextcloud server to cause the execution of arbitrary commands with the
+      privileges of the user running the Nextcloud Desktop Client application.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Nextcloud Desktop Client users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-misc/nextcloud-client-3.1.3"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-22879">CVE-2021-22879</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-25T14:10:09Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T13:19:22Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-38.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-38.xml
new file mode 100644
index 0000000000..d5c53fccdb
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-38.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-38">
+  <title>nginx: Remote code execution</title>
+  <synopsis>A vulnerability in nginx could lead to remote code execution.</synopsis>
+  <product type="ebuild">nginx</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>792087</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-servers/nginx" auto="yes" arch="*">
+      <unaffected range="ge" slot="0">1.20.1</unaffected>
+      <unaffected range="ge" slot="mainline">1.21.0</unaffected>
+      <vulnerable range="lt">1.21.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>nginx is a robust, small, and high performance HTTP and reverse proxy
+      server.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that nginx did not properly handle DNS responses when
+      “resolver” directive is used.
+    </p>
+  </description>
+  <impact type="high">
+    <p>A remote attacker, able to provide DNS responses to a nginx instance,
+      could cause the execution of arbitrary code with the privileges of the
+      process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All nginx users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-servers/nginx-1.20.1"
+    </code>
+    
+    <p>All nginx mainline users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-servers/nginx-1.21.0:mainline"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-23017">CVE-2021-23017</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-26T17:05:23Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T17:40:33Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-39.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-39.xml
new file mode 100644
index 0000000000..83c8ceab4f
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202105-39.xml
@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202105-39">
+  <title>Ceph: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Ceph, the worst of
+    which could result in privilege escalation.
+  </synopsis>
+  <product type="ebuild">ceph</product>
+  <announced>2021-05-26</announced>
+  <revised count="1">2021-05-26</revised>
+  <bug>760824</bug>
+  <bug>761969</bug>
+  <bug>783486</bug>
+  <bug>791253</bug>
+  <access>remote</access>
+  <affected>
+    <package name="sys-cluster/ceph" auto="yes" arch="*">
+      <unaffected range="ge">14.2.21</unaffected>
+      <vulnerable range="lt">14.2.21</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Ceph is a distributed network file system designed to provide excellent
+      performance, reliability, and scalability.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Ceph. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Ceph users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-cluster/ceph-14.2.21"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-10753">CVE-2020-10753</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-1759">CVE-2020-1759</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-1760">CVE-2020-1760</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25660">CVE-2020-25660</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-25678">CVE-2020-25678</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27781">CVE-2020-27781</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20288">CVE-2021-20288</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-24T14:51:24Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-05-26T20:56:21Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-01.xml
new file mode 100644
index 0000000000..032f9797ab
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-01.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-01">
+  <title>corosync: Denial of service</title>
+  <synopsis>A vulnerability in corosync could lead to a Denial of Service
+    condition.
+  </synopsis>
+  <product type="ebuild">corosync</product>
+  <announced>2021-07-03</announced>
+  <revised count="1">2021-07-03</revised>
+  <bug>658354</bug>
+  <access>remote</access>
+  <affected>
+    <package name="sys-cluster/corosync" auto="yes" arch="*">
+      <unaffected range="ge">3.0.4</unaffected>
+      <vulnerable range="lt">3.0.4</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The Corosync Cluster Engine is a Group Communication System with
+      additional features for implementing high availability within
+      applications.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that corosync allowed an unauthenticated user to cause
+      a Denial of Service by application crash.
+    </p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker could send a malicious crafted packet, possibly
+      resulting in a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All corosync users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-cluster/corosync-3.0.4"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-1084">CVE-2018-1084</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-26T21:04:45Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-07-03T01:25:30Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-02.xml
new file mode 100644
index 0000000000..befac3c0b7
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-02.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-02">
+  <title>FreeImage: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in FreeImage, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">freeimage</product>
+  <announced>2021-07-03</announced>
+  <revised count="1">2021-07-03</revised>
+  <bug>701850</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="media-libs/freeimage" auto="yes" arch="*">
+      <unaffected range="ge">3.18.0-r2</unaffected>
+      <vulnerable range="lt">3.18.0-r2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>FreeImage is an Open Source library project for developers who would
+      like to support popular graphics image formats like PNG, BMP, JPEG, TIFF
+      and others as needed by today’s multimedia applications.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in FreeImage. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker, by enticing a user to process a specially crafted
+      image file, could possibly cause a Denial of Service condition or other
+      unspecified impact.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All FreeImage users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-libs/freeimage-3.18.0-r2"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-12211">CVE-2019-12211</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-12213">CVE-2019-12213</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-26T21:35:01Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-07-03T02:48:33Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-03.xml
new file mode 100644
index 0000000000..2de2f6eb59
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-03.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-03">
+  <title>libqb: Insecure temporary file</title>
+  <synopsis>An insecure temporary file usage has been reported in libqb
+    possibly allowing local code execution.
+  </synopsis>
+  <product type="ebuild">libqb</product>
+  <announced>2021-07-03</announced>
+  <revised count="1">2021-07-03</revised>
+  <bug>699860</bug>
+  <access>local</access>
+  <affected>
+    <package name="sys-cluster/libqb" auto="yes" arch="*">
+      <unaffected range="ge">1.0.5</unaffected>
+      <vulnerable range="lt">1.0.5</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>libqb is a library with the primary purpose of providing
+      high-performance, reusable features for client-server architecture, such
+      as logging, tracing, inter-process communication (IPC), and polling.
+    </p>
+  </background>
+  <description>
+    <p>It was discovered that libqb used predictable filenames (under /dev/shm
+      and /tmp) without O_EXCL.
+    </p>
+  </description>
+  <impact type="high">
+    <p>A local attacker could perform symlink attacks to overwrite arbitrary
+      files with the privileges of the user running the application linked
+      against libqb.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All libqb users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-cluster/libqb-1.0.5"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-12779">CVE-2019-12779</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-26T21:28:24Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-07-03T03:11:34Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-04.xml
new file mode 100644
index 0000000000..45df46de44
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-04.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-04">
+  <title>Graphviz: Multiple vulnerabilities
+  </title>
+  <synopsis>Multiple vulnerabilities have been found in Graphviz, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">Graphviz</product>
+  <announced>2021-07-03</announced>
+  <revised count="1">2021-07-03</revised>
+  <bug>684844</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="media-gfx/graphviz" auto="yes" arch="*">
+      <unaffected range="ge">2.47.1</unaffected>
+      <vulnerable range="lt">2.47.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Graphviz is an open source graph visualization software.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Graphviz. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to process a specially crafted
+      file using Graphviz, possibly resulting in execution of arbitrary code
+      with the privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Graphviz users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-gfx/graphviz-2.47.1"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-9904">CVE-2019-9904</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-18032">CVE-2020-18032</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-26T21:13:28Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-07-03T03:32:10Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-05.xml
new file mode 100644
index 0000000000..292c32b550
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-05.xml
@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-05">
+  <title>libxml2: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in libxml2, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">libxml2</product>
+  <announced>2021-07-06</announced>
+  <revised count="1">2021-07-06</revised>
+  <bug>749849</bug>
+  <bug>790002</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-libs/libxml2" auto="yes" arch="*">
+      <unaffected range="ge">2.9.11</unaffected>
+      <vulnerable range="lt">2.9.11</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>libxml2 is the XML (eXtended Markup Language) C parser and toolkit
+      initially developed for the GNOME project.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in libxml2. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker could entice a user to process a specially crafted XML
+      document using an application linked against libxml2, possibly resulting
+      in a Denial of Service condition or obtaining sensitive information.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All libxml2 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-libs/libxml2-2.9.12-r3"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-24977">CVE-2020-24977</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3516">CVE-2021-3516</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3517">CVE-2021-3517</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3518">CVE-2021-3518</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3537">CVE-2021-3537</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3541">CVE-2021-3541</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-24T00:17:09Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-07-06T03:13:56Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-06.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-06.xml
new file mode 100644
index 0000000000..369536037a
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-06.xml
@@ -0,0 +1,119 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-06">
+  <title>Chromium, Google Chrome: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabillities have been found in Chromium and Google
+    Chrome, the worst of which could allow remote attackers to execute
+    arbitrary code.
+  </synopsis>
+  <product type="ebuild">google-chrome,chromium</product>
+  <announced>2021-07-06</announced>
+  <revised count="1">2021-07-06</revised>
+  <bug>789420</bug>
+  <bug>792084</bug>
+  <bug>795204</bug>
+  <bug>796338</bug>
+  <bug>796521</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-client/google-chrome" auto="yes" arch="*">
+      <unaffected range="ge">91.0.4472.114</unaffected>
+      <vulnerable range="lt">91.0.4472.114</vulnerable>
+    </package>
+    <package name="www-client/chromium" auto="yes" arch="*">
+      <unaffected range="ge">91.0.4472.114</unaffected>
+      <vulnerable range="lt">91.0.4472.114</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Chromium is an open-source browser project that aims to build a safer,
+      faster, and more stable way for all users to experience the web.
+    </p>
+    
+    <p>Google Chrome is one fast, simple, and secure browser for all your
+      devices.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Chromium and Google
+      Chrome. Please review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="high">
+    <p>A remote attacker could execute arbitrary code, escalate privileges,
+      obtain sensitive information, spoof a URL or cause a Denial of Service
+      condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Google Chrome users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/google-chrome-91.0.4472.114"
+    </code>
+    
+    <p>All Chromium users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/chromium-91.0.4472.114"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30506">CVE-2021-30506</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30507">CVE-2021-30507</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30508">CVE-2021-30508</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30509">CVE-2021-30509</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30510">CVE-2021-30510</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30511">CVE-2021-30511</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30512">CVE-2021-30512</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30513">CVE-2021-30513</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30514">CVE-2021-30514</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30515">CVE-2021-30515</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30516">CVE-2021-30516</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30517">CVE-2021-30517</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30518">CVE-2021-30518</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30519">CVE-2021-30519</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30520">CVE-2021-30520</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30521">CVE-2021-30521</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30522">CVE-2021-30522</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30523">CVE-2021-30523</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30524">CVE-2021-30524</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30525">CVE-2021-30525</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30526">CVE-2021-30526</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30527">CVE-2021-30527</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30528">CVE-2021-30528</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30530">CVE-2021-30530</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30531">CVE-2021-30531</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30532">CVE-2021-30532</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30533">CVE-2021-30533</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30534">CVE-2021-30534</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30536">CVE-2021-30536</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30537">CVE-2021-30537</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30538">CVE-2021-30538</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30539">CVE-2021-30539</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30540">CVE-2021-30540</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30544">CVE-2021-30544</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30545">CVE-2021-30545</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30546">CVE-2021-30546</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30548">CVE-2021-30548</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30549">CVE-2021-30549</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30550">CVE-2021-30550</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30551">CVE-2021-30551</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30552">CVE-2021-30552</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30553">CVE-2021-30553</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30554">CVE-2021-30554</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30555">CVE-2021-30555</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30556">CVE-2021-30556</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30557">CVE-2021-30557</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-05T03:25:38Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-06T03:30:34Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-07.xml
new file mode 100644
index 0000000000..9a915ff459
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-07.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-07">
+  <title>glibc: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities in glibc could result in Denial of
+    Service.
+  </synopsis>
+  <product type="ebuild">glibc</product>
+  <announced>2021-07-06</announced>
+  <revised count="1">2021-07-06</revised>
+  <bug>764176</bug>
+  <bug>767718</bug>
+  <bug>772425</bug>
+  <bug>792261</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="sys-libs/glibc" auto="yes" arch="*">
+      <unaffected range="ge">2.33-r1</unaffected>
+      <vulnerable range="lt">2.33-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>glibc is a package that contains the GNU C library.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in glibc. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>An attacker could cause a possible Denial of Service condition.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All glibc users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-libs/glibc-2.33-r1"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-25013">CVE-2019-25013</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-27618">CVE-2020-27618</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-27645">CVE-2021-27645</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3326">CVE-2021-3326</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-33574">CVE-2021-33574</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-05T02:27:53Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-06T03:37:10Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-08.xml
new file mode 100644
index 0000000000..07a104b936
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-08.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-08">
+  <title>PostSRSd: Denial of service</title>
+  <synopsis>Multiple vulnerabilities in PostSRSd could lead to a Denial of
+    Service condition.
+  </synopsis>
+  <product type="ebuild">postsrsd</product>
+  <announced>2021-07-06</announced>
+  <revised count="1">2021-07-06</revised>
+  <bug>760821</bug>
+  <bug>793674</bug>
+  <access>remote</access>
+  <affected>
+    <package name="mail-filter/postsrsd" auto="yes" arch="*">
+      <unaffected range="ge">1.11</unaffected>
+      <vulnerable range="lt">1.11</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>PostSRSd is a Postfix sender rewriting scheme daemon</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in PostSRSd. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>An attacker could cause a possible Denial of Service condition.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All postsrsd users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=mail-filter/postsrsd-1.11"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35573">CVE-2020-35573</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-35525">CVE-2021-35525</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-02-20T19:48:10Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-07-06T03:43:40Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-09.xml
new file mode 100644
index 0000000000..355d53f872
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-09.xml
@@ -0,0 +1,80 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-09">
+  <title>Mozilla Firefox: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Mozilla Firefox, the
+    worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">firefox</product>
+  <announced>2021-07-07</announced>
+  <revised count="1">2021-07-07</revised>
+  <bug>794082</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="www-client/firefox" auto="yes" arch="*">
+      <unaffected range="ge" slot="0/esr78">78.11.0</unaffected>
+      <unaffected range="ge">89.0</unaffected>
+      <vulnerable range="lt">89.0</vulnerable>
+    </package>
+    <package name="www-client/firefox-bin" auto="yes" arch="*">
+      <unaffected range="ge" slot="0/esr78">78.11.0</unaffected>
+      <unaffected range="ge">89.0</unaffected>
+      <vulnerable range="lt">89.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mozilla Firefox is a popular open-source web browser from the Mozilla
+      project.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Mozilla Firefox. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mozilla Firefox ESR users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-78.11.0"
+    </code>
+    
+    <p>All Mozilla Firefox ESR binary users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-bin-78.11.0"
+    </code>
+    
+    <p>All Mozilla Firefox users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-89.0"
+    </code>
+    
+    <p>All Mozilla Firefox binary users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-client/firefox-bin-89.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29959">CVE-2021-29959</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29960">CVE-2021-29960</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29961">CVE-2021-29961</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29966">CVE-2021-29966</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-06T03:15:54Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-07-07T07:46:37Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-10.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-10.xml
new file mode 100644
index 0000000000..b271ec42cb
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-10.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-10">
+  <title>TCG TPM2 Software Stack: Information disclosure</title>
+  <synopsis>A bug in TCG TPM2 Software Stack may result in information
+    disclosure to a local attacker.
+  </synopsis>
+  <product type="ebuild">tpm2-tss</product>
+  <announced>2021-07-07</announced>
+  <revised count="1">2021-07-07</revised>
+  <bug>746563</bug>
+  <access>local</access>
+  <affected>
+    <package name="app-crypt/tpm2-tss" auto="yes" arch="*">
+      <unaffected range="ge">2.4.3</unaffected>
+      <vulnerable range="lt">2.4.3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>TCG TPM2 Software Stack is a library to interface with trusted platform
+      modules.
+    </p>
+  </background>
+  <description>
+    <p>TCG TPM2 Software Stack did not appropriately apply FAPI policies to
+      protect data encrypted with the trusted platform module.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Data encrypted using TCG TPM2 Software Stack (tpm2-tss) may not be
+      protected from an attacker.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All tpm2-tss users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-crypt/tpm2-tss-2.4.3"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-24455">CVE-2020-24455</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-24T14:04:16Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-07-07T07:58:39Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-11.xml
new file mode 100644
index 0000000000..33c7a57948
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-11.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-11">
+  <title>OpenDoas: Insufficient environment filtering</title>
+  <synopsis>A vulnerability in OpenDoas could lead to privilege escalation.</synopsis>
+  <product type="ebuild">doas</product>
+  <announced>2021-07-07</announced>
+  <revised count="1">2021-07-07</revised>
+  <bug>767781</bug>
+  <access>local</access>
+  <affected>
+    <package name="app-admin/doas" auto="yes" arch="*">
+      <unaffected range="ge">6.8.1</unaffected>
+      <vulnerable range="lt">6.8.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>OpenDoas allows users to run commands as other users.</p>
+  </background>
+  <description>
+    <p>OpenDoas does not properly filter the PATH variable from the resulting
+      shell after escalating privileges.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A local attacker with control of a user’s PATH variable could escalate
+      privileges if that user uses OpenDoas with a poisoned PATH variable.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All OpenDoas users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-admin/doas-6.8.1"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-25016">CVE-2019-25016</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-30T16:48:56Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-07T07:59:33Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-12.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-12.xml
new file mode 100644
index 0000000000..3dc6bc4692
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-12.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-12">
+  <title>Schism Tracker: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Schism Tracker, the
+    worst of which could result in denial of service.
+  </synopsis>
+  <product type="ebuild">schismtracker</product>
+  <announced>2021-07-07</announced>
+  <revised count="1">2021-07-07</revised>
+  <bug>711210</bug>
+  <access>local</access>
+  <affected>
+    <package name="media-sound/schismtracker" auto="yes" arch="*">
+      <unaffected range="ge">20190805</unaffected>
+      <vulnerable range="lt">20190805</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Schism Tracker is a free implementation of Impulse Tracker, a tool used
+      to create high quality music.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Schism Tracker. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Schism Tracker users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=media-sound/schismtracker-20190805"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-14465">CVE-2019-14465</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-14523">CVE-2019-14523</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-06-02T11:30:32Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-07-07T08:00:28Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-13.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-13.xml
new file mode 100644
index 0000000000..bb98e4f013
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-13.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-13">
+  <title>GLib: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in GLib, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">glib</product>
+  <announced>2021-07-07</announced>
+  <revised count="1">2021-07-07</revised>
+  <bug>768753</bug>
+  <bug>775632</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-libs/glib" auto="yes" arch="*">
+      <unaffected range="ge">2.66.8</unaffected>
+      <vulnerable range="lt">2.66.8</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>GLib is a library providing a number of GNOME’s core objects and
+      functions.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in GLib. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All GLib users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-libs/glib-2.66.8"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-27218">CVE-2021-27218</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-27219">CVE-2021-27219</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28153">CVE-2021-28153</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-24T01:51:26Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-07-07T08:01:06Z">whissi</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-14.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-14.xml
new file mode 100644
index 0000000000..5a10a179d0
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-14.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-14">
+  <title>rclone: Weak random number generation</title>
+  <synopsis>rclone uses weak random number generation such that generated
+    passwords can be easily cracked.
+  </synopsis>
+  <product type="ebuild">rclone</product>
+  <announced>2021-07-08</announced>
+  <revised count="1">2021-07-08</revised>
+  <bug>755638</bug>
+  <access>local</access>
+  <affected>
+    <package name="net-misc/rclone" auto="yes" arch="*">
+      <unaffected range="ge">1.53.3</unaffected>
+      <vulnerable range="lt">1.53.3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>rclone is a problem to sync files to and from various cloud storage
+      providers.
+    </p>
+  </background>
+  <description>
+    <p>Passwords generated with rclone were insecurely generated and are
+      vulnerable to brute force attacks.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Data kept secret with a password generated by rclone may be disclosed to
+      a local attacker.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All rclone users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-misc/rclone-1.53.3"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28924">CVE-2020-28924</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-31T20:48:28Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-07-08T03:19:54Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-15.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-15.xml
new file mode 100644
index 0000000000..79b937641f
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-15.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-15">
+  <title>blktrace: Buffer overflow</title>
+  <synopsis>A buffer overflow in blktrace might allow arbitrary code execution.</synopsis>
+  <product type="ebuild">blktrace</product>
+  <announced>2021-07-08</announced>
+  <revised count="1">2021-07-08</revised>
+  <bug>655146</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="sys-block/blktrace" auto="yes" arch="*">
+      <unaffected range="ge">1.2.0_p20210419122502</unaffected>
+      <vulnerable range="lt">1.2.0_p20210419122502</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>blktrace shows detailed information about what is happening on a block
+      device IO queue.
+    </p>
+  </background>
+  <description>
+    <p>A crafted file could cause a buffer overflow in the ‘dev_map_read’
+      function because the device and devno arrays are too small.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted file
+      using blktrace, possibly resulting in execution of arbitrary code with
+      the privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All blktrace users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=sys-block/blktrace-1.2.0_p20210419122502"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-10689">CVE-2018-10689</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-06T00:11:19Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-08T03:29:36Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-16.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-16.xml
new file mode 100644
index 0000000000..389a5b9374
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-16.xml
@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-16">
+  <title>Privoxy: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Privoxy, the worst of
+    which could result in Denial of Service.
+  </synopsis>
+  <product type="ebuild">privoxy</product>
+  <announced>2021-07-08</announced>
+  <revised count="1">2021-07-08</revised>
+  <bug>758428</bug>
+  <bug>768096</bug>
+  <bug>771960</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-proxy/privoxy" auto="yes" arch="*">
+      <unaffected range="ge">3.0.32</unaffected>
+      <vulnerable range="lt">3.0.32</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Privoxy is a web proxy with advanced filtering capabilities for
+      enhancing privacy.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in privoxy. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>An attacker could cause a possible Denial of Service condition.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Privoxy users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-proxy/privoxy-3.0.32"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35502">CVE-2020-35502</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20209">CVE-2021-20209</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20210">CVE-2021-20210</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20211">CVE-2021-20211</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20212">CVE-2021-20212</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20213">CVE-2021-20213</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20214">CVE-2021-20214</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20215">CVE-2021-20215</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20216">CVE-2021-20216</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20217">CVE-2021-20217</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20272">CVE-2021-20272</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20273">CVE-2021-20273</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20274">CVE-2021-20274</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20275">CVE-2021-20275</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20276">CVE-2021-20276</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-31T21:51:37Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-07-08T03:36:21Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-17.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-17.xml
new file mode 100644
index 0000000000..4646661b63
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-17.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-17">
+  <title>Mechanize: Command injection</title>
+  <synopsis>A file named by an attacker being utilized by Mechanize could
+    result in arbitrary code execution.
+  </synopsis>
+  <product type="ebuild">mechanize</product>
+  <announced>2021-07-08</announced>
+  <revised count="1">2021-07-08</revised>
+  <bug>768609</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="dev-ruby/mechanize" auto="yes" arch="*">
+      <unaffected range="ge">2.7.7</unaffected>
+      <vulnerable range="lt">2.7.7</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Mechanize is a Ruby library used for automating interaction with
+      websites.
+    </p>
+  </background>
+  <description>
+    <p>Mechanize does not neutralize filename input and could allow arbitrary
+      code execution if an attacker can control filenames used by Mechanize.
+    </p>
+  </description>
+  <impact type="high">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Mechanize users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-ruby/mechanize-2.7.7"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21289">CVE-2021-21289</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-31T21:54:48Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-07-08T03:38:36Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-18.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-18.xml
new file mode 100644
index 0000000000..2b65f11463
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-18.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-18">
+  <title>BladeEnc: Buffer overflow</title>
+  <synopsis>A buffer overflow in BladeEnc might allow arbitrary code execution.</synopsis>
+  <product type="ebuild">bladeenc</product>
+  <announced>2021-07-08</announced>
+  <revised count="1">2021-07-08</revised>
+  <bug>631394</bug>
+  <access>remote</access>
+  <affected>
+    <package name="media-sound/bladeenc" auto="yes" arch="*">
+      <vulnerable range="lt">0.94.2-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>BladeEnc is an mp3 encoder.</p>
+  </background>
+  <description>
+    <p>A crafted file could cause a buffer overflow in the iteration_loop
+      function in BladeEnc.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted using
+      BladeEnc, possibly resulting in execution of arbitrary code with the
+      privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>Gentoo has discontinued support for BladeEnc. We recommend that users
+      unmerge it:
+    </p>
+    
+    <code>
+      # emerge --ask --depclean "media-sound/bladeenc"
+    </code>
+    
+    <p>NOTE: The Gentoo developer(s) maintaining BladeEnc have discontinued
+      support at this time. It may be possible that a new Gentoo developer will
+      update BladeEnc at a later date. We do not have a suggestion for a
+      replacement at this time.
+    </p>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-14648">CVE-2017-14648</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-05T23:50:22Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-08T03:44:12Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-19.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-19.xml
new file mode 100644
index 0000000000..75efc2f17d
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-19.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-19">
+  <title>Jinja: Denial of service</title>
+  <synopsis>An inefficient regular expression could be exploited to cause a
+    Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">jinja2</product>
+  <announced>2021-07-08</announced>
+  <revised count="1">2021-07-08</revised>
+  <bug>768300</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-python/jinja" auto="yes" arch="*">
+      <unaffected range="ge">2.11.3</unaffected>
+      <vulnerable range="lt">2.11.3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Jinja is a template engine written in pure Python.</p>
+  </background>
+  <description>
+    <p>The ‘urlize’ filter in Jinja utilized an inefficient regular
+      expression that could be exploited to consume excess CPU.
+    </p>
+  </description>
+  <impact type="low">
+    <p>An attacker could cause a Denial of Service condition via crafted input
+      to the ‘urlize’ Jinja filter.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Jinja users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-python/jinja-2.11.3"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28493">CVE-2020-28493</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-05-31T21:46:47Z">whissi</metadata>
+  <metadata tag="submitter" timestamp="2021-07-08T04:02:25Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-20.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-20.xml
new file mode 100644
index 0000000000..669cd332a6
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-20.xml
@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-20">
+  <title>Redis: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Redis, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">redis</product>
+  <announced>2021-07-09</announced>
+  <revised count="1">2021-07-09</revised>
+  <bug>788211</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-db/redis" auto="yes" arch="*">
+      <unaffected range="ge">6.0.13</unaffected>
+      <unaffected range="ge">6.2.3</unaffected>
+      <vulnerable range="lt">6.0.13</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Redis is an open source (BSD licensed), in-memory data structure store,
+      used as a database, cache and message broker.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Redis. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Redis 6.0.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/redis-6.0.13"
+    </code>
+    
+    <p>All Redis 6.2.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-db/redis-6.2.3"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29477">CVE-2021-29477</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29478">CVE-2021-29478</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-08T22:57:01Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-07-09T02:52:43Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-21.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-21.xml
new file mode 100644
index 0000000000..b8f906df8a
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-21.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-21">
+  <title>Wireshark: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Wireshark, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">wireshark</product>
+  <announced>2021-07-09</announced>
+  <revised count="1">2021-07-09</revised>
+  <bug>767907</bug>
+  <bug>775323</bug>
+  <bug>784899</bug>
+  <bug>793968</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-analyzer/wireshark" auto="yes" arch="*">
+      <unaffected range="ge">3.4.6</unaffected>
+      <vulnerable range="lt">3.4.6</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Wireshark is a network protocol analyzer formerly known as ethereal.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Wireshark. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Wireshark users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-analyzer/wireshark-3.4.6"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-22173">CVE-2021-22173</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-22174">CVE-2021-22174</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-22191">CVE-2021-22191</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-22207">CVE-2021-22207</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-22222">CVE-2021-22222</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-08T23:11:17Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-07-09T02:54:48Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-22.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-22.xml
new file mode 100644
index 0000000000..47009889f6
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-22.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-22">
+  <title>InspIRCd: Information disclosure</title>
+  <synopsis>An information disclosure vulnerability in InspIRCd may allow
+    remote attackers to obtain sensitive information.
+  </synopsis>
+  <product type="ebuild">inspircd</product>
+  <announced>2021-07-09</announced>
+  <revised count="1">2021-07-09</revised>
+  <bug>791589</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-irc/inspircd" auto="yes" arch="*">
+      <unaffected range="ge">3.10.0</unaffected>
+      <vulnerable range="lt">3.10.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>InspIRCd is a modular Internet Relay Chat (IRC) server written in C++
+      which was created from scratch to be stable, modern and lightweight.
+    </p>
+  </background>
+  <description>
+    <p>InspIRCd incorrectly handled malformed PONG messages, resulting in
+      access of freed memory.
+    </p>
+  </description>
+  <impact type="low">
+    <p>A remote attacker could send crafted packets to the server, possibly
+      allowing them to obtain sensitive information.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All InspIRCd users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-irc/inspircd-3.10.0"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-33586">CVE-2021-33586</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-08T23:19:01Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-07-09T02:55:39Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-23.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-23.xml
new file mode 100644
index 0000000000..9c39ca6f7a
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-23.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-23">
+  <title>Docker: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Docker, the worst of
+    which could result in privilege escalation to root on the host.
+  </synopsis>
+  <product type="ebuild">docker</product>
+  <announced>2021-07-10</announced>
+  <revised count="1">2021-07-10</revised>
+  <bug>768612</bug>
+  <access>local</access>
+  <affected>
+    <package name="app-emulation/docker" auto="yes" arch="*">
+      <unaffected range="ge">19.03.15</unaffected>
+      <unaffected range="ge">20.10.3</unaffected>
+      <vulnerable range="lt">20.10.3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Docker is the world’s leading software containerization platform.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Docker. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Docker 19.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-emulation/docker-19.03.15"
+    </code>
+    
+    <p>All Docker 20.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-emulation/docker-20.10.3"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21284">CVE-2021-21284</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21285">CVE-2021-21285</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-10T00:25:27Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-10T02:49:46Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-24.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-24.xml
new file mode 100644
index 0000000000..c5aea138e3
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-24.xml
@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-24">
+  <title>Binutils: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Binutils, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">binutils</product>
+  <announced>2021-07-10</announced>
+  <revised count="1">2021-07-10</revised>
+  <bug>678806</bug>
+  <bug>761957</bug>
+  <bug>764170</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="sys-devel/binutils" auto="yes" arch="*">
+      <unaffected range="ge">2.35.2</unaffected>
+      <vulnerable range="lt">2.35.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The GNU Binutils are a collection of tools to create, modify and analyse
+      binary files. Many of the files use BFD, the Binary File Descriptor
+      library, to do low-level manipulation.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Binutils. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Binutils users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-devel/binutils-2.35.2"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-9070">CVE-2019-9070</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-9071">CVE-2019-9071</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-9072">CVE-2019-9072</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-9073">CVE-2019-9073</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-9074">CVE-2019-9074</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-9075">CVE-2019-9075</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-9076">CVE-2019-9076</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-9077">CVE-2019-9077</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-19599">CVE-2020-19599</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35448">CVE-2020-35448</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35493">CVE-2020-35493</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35494">CVE-2020-35494</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35495">CVE-2020-35495</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35496">CVE-2020-35496</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35507">CVE-2020-35507</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-06T00:21:42Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-10T02:51:25Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-25.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-25.xml
new file mode 100644
index 0000000000..5e9b2a4ff2
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-25.xml
@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-25">
+  <title>Tor: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Tor, the worst of which
+    could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">tor</product>
+  <announced>2021-07-10</announced>
+  <revised count="1">2021-07-10</revised>
+  <bug>776586</bug>
+  <bug>795969</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-vpn/tor" auto="yes" arch="*">
+      <unaffected range="ge">0.4.6.5</unaffected>
+      <unaffected range="ge">0.4.5.9</unaffected>
+      <unaffected range="ge">0.4.4.9</unaffected>
+      <vulnerable range="lt">0.4.6.5</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Tor is an implementation of second generation Onion Routing, a
+      connection-oriented anonymizing communication service.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Tor. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Tor 0.4.6.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-vpn/tor-0.4.6.5"
+    </code>
+    
+    <p>All Tor 0.4.5.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-vpn/tor-0.4.5.9"
+    </code>
+    
+    <p>All Tor 0.4.4.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-vpn/tor-0.4.4.9"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28089">CVE-2021-28089</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28090">CVE-2021-28090</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-34548">CVE-2021-34548</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-34549">CVE-2021-34549</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-34550">CVE-2021-34550</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-10T00:37:16Z">sam_c</metadata>
+  <metadata tag="submitter" timestamp="2021-07-10T02:53:55Z">sam_c</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-26.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-26.xml
new file mode 100644
index 0000000000..311683d9ec
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-26.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-26">
+  <title>runC: Container breakout</title>
+  <synopsis>A vulnerability has been found in runC which could result in
+    privilege escalation.
+  </synopsis>
+  <product type="ebuild">runc</product>
+  <announced>2021-07-10</announced>
+  <revised count="1">2021-07-10</revised>
+  <bug>790257</bug>
+  <access>remote</access>
+  <affected>
+    <package name="app-emulation/runc" auto="yes" arch="*">
+      <unaffected range="ge">1.0.0_rc95</unaffected>
+      <vulnerable range="lt">1.0.0_rc95</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>runC is a CLI tool for spawning and running containers according to the
+      OCI specification.
+    </p>
+  </background>
+  <description>
+    <p>A vulnerability in runC could allow an attacker to achieve privilege
+      escalation if specific mount configuration prerequisites are satisfied.
+    </p>
+  </description>
+  <impact type="low">
+    <p>An attacker may be able to escalation privileges to gain access to the
+      host system.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All runC users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-emulation/runc-1.0.0_rc95"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30465">CVE-2021-30465</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-10T00:27:46Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-10T02:54:58Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-27.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-27.xml
new file mode 100644
index 0000000000..7e0b126848
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-27.xml
@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-27">
+  <title>OpenEXR: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in OpenEXR, the worst of
+    which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">openexr</product>
+  <announced>2021-07-11</announced>
+  <revised count="1">2021-07-11</revised>
+  <bug>717474</bug>
+  <bug>746794</bug>
+  <bug>762862</bug>
+  <bug>770229</bug>
+  <bug>776808</bug>
+  <access>remote</access>
+  <affected>
+    <package name="media-libs/openexr" auto="yes" arch="*">
+      <unaffected range="ge">2.5.6</unaffected>
+      <vulnerable range="lt">2.5.6</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>OpenEXR is a high dynamic-range (HDR) image file format developed by
+      Industrial Light &amp; Magic for use in computer imaging applications.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in OpenEXR. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All OpenEXR users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-libs/openexr-2.5.6"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11758">CVE-2020-11758</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11759">CVE-2020-11759</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11760">CVE-2020-11760</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11761">CVE-2020-11761</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11762">CVE-2020-11762</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11763">CVE-2020-11763</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11764">CVE-2020-11764</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-11765">CVE-2020-11765</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15304">CVE-2020-15304</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15305">CVE-2020-15305</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15306">CVE-2020-15306</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20296">CVE-2021-20296</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3474">CVE-2021-3474</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3475">CVE-2021-3475</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3476">CVE-2021-3476</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3477">CVE-2021-3477</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3478">CVE-2021-3478</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3479">CVE-2021-3479</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-11T02:00:34Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-11T02:27:52Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-28.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-28.xml
new file mode 100644
index 0000000000..b7822d9afc
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-28.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-28">
+  <title>GNU Chess: Buffer overflow</title>
+  <synopsis>A buffer overflow in GNU Chess might allow arbitrary code
+    execution.
+  </synopsis>
+  <product type="ebuild">gnuchess</product>
+  <announced>2021-07-12</announced>
+  <revised count="1">2021-07-12</revised>
+  <bug>780855</bug>
+  <access>remote</access>
+  <affected>
+    <package name="games-board/gnuchess" auto="yes" arch="*">
+      <unaffected range="ge">6.2.8-r1</unaffected>
+      <vulnerable range="lt">6.2.8-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>GNU Chess is a console based chess interfae.</p>
+  </background>
+  <description>
+    <p>The cmd_pgnload() and cmd_pgnreplay() functions in cmd.cc in GNU Chess
+      to not sufficiently validate PGN file input, potentially resulting in a
+      buffer overflow.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted PGN
+      file using GNU Chess, possibly resulting in execution of arbitrary code
+      with the privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All GNU Chess users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=games-board/gnuchess-6.2.8-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30184">CVE-2021-30184</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-06T01:16:05Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-12T02:45:49Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-29.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-29.xml
new file mode 100644
index 0000000000..e67c3b566e
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-29.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-29">
+  <title>ConnMan: Multiple vulnerabilities</title>
+  <synopsis>A buffer overflow in ConnMan might allow remote attacker(s) to
+    execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">connman</product>
+  <announced>2021-07-12</announced>
+  <revised count="1">2021-07-12</revised>
+  <bug>769491</bug>
+  <bug>795084</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-misc/connman" auto="yes" arch="*">
+      <unaffected range="ge">1.40</unaffected>
+      <vulnerable range="lt">1.40</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>ConnMan provides a daemon for managing Internet connections.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in connman. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All ConnMan users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-misc/connman-1.40"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-26675">CVE-2021-26675</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-26676">CVE-2021-26676</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-33833">CVE-2021-33833</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-11T03:04:08Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-12T02:47:52Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-30.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-30.xml
new file mode 100644
index 0000000000..bd790484fb
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-30.xml
@@ -0,0 +1,73 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-30">
+  <title>Xen: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Xen, the worst of which
+    could result in privilege escalation.
+  </synopsis>
+  <product type="ebuild">xen</product>
+  <announced>2021-07-12</announced>
+  <revised count="1">2021-07-12</revised>
+  <bug>760144</bug>
+  <bug>766474</bug>
+  <bug>783456</bug>
+  <bug>795054</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="app-emulation/xen" auto="yes" arch="*">
+      <unaffected range="ge">4.14.2-r1</unaffected>
+      <unaffected range="ge">4.15.0-r1</unaffected>
+      <vulnerable range="lt">4.15.0-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Xen is a bare-metal hypervisor.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Xen. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="high">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Xen 4.14.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-emulation/xen-4.14.2-r1"
+    </code>
+    
+    <p>All Xen 4.15.x users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-emulation/xen-4.15.0-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-29479">CVE-2020-29479</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-29486">CVE-2020-29486</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-29487">CVE-2020-29487</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-29566">CVE-2020-29566</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-29567">CVE-2020-29567</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-29568">CVE-2020-29568</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-29569">CVE-2020-29569</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-29570">CVE-2020-29570</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-29571">CVE-2020-29571</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-0089">CVE-2021-0089</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-26313">CVE-2021-26313</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28687">CVE-2021-28687</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28690">CVE-2021-28690</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28691">CVE-2021-28691</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28692">CVE-2021-28692</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28693">CVE-2021-28693</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3308">CVE-2021-3308</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-06T02:51:30Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-12T02:48:56Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-31.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-31.xml
new file mode 100644
index 0000000000..77846b9839
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-31.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-31">
+  <title>polkit: Privilege escalation</title>
+  <synopsis>A vulnerability in polkit could lead to local root privilege
+    escalation.
+  </synopsis>
+  <product type="ebuild">polkit</product>
+  <announced>2021-07-13</announced>
+  <revised count="1">2021-07-13</revised>
+  <bug>794052</bug>
+  <access>local</access>
+  <affected>
+    <package name="sys-auth/polkit" auto="yes" arch="*">
+      <unaffected range="ge">0.119</unaffected>
+      <vulnerable range="lt">0.119</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>polkit is a toolkit for managing policies related to unprivileged
+      processes communicating with privileged process.
+    </p>
+  </background>
+  <description>
+    <p>The function polkit_system_bus_name_get_creds_sync() was called without
+      checking for error, and as such temporarily treats the authentication
+      request as coming from root.
+    </p>
+  </description>
+  <impact type="high">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All polkit users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-auth/polkit-0.119"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3560">CVE-2021-3560</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-13T00:16:39Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-13T02:29:59Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-32.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-32.xml
new file mode 100644
index 0000000000..1471ab6248
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-32.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-32">
+  <title>Apache Thrift: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Apache Thrift, the
+    worst of which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">thrift</product>
+  <announced>2021-07-14</announced>
+  <revised count="1">2021-07-14</revised>
+  <bug>761409</bug>
+  <bug>770145</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-python/thrift" auto="yes" arch="*">
+      <unaffected range="ge">0.14.1</unaffected>
+      <vulnerable range="lt">0.14.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Apache Thrift is a software framework that combines a software stack
+      with a code generation engine to build services that work efficiently and
+      seamlessly between many languages.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Apache Thrift. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Apache Thrift users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-python/thrift-0.14.1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-0205">CVE-2019-0205</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-0210">CVE-2019-0210</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13949">CVE-2020-13949</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-08T01:05:35Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-14T03:10:06Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-33.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-33.xml
new file mode 100644
index 0000000000..ab54702ebb
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-33.xml
@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-33">
+  <title>Pillow: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Pillow, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">pillow</product>
+  <announced>2021-07-14</announced>
+  <revised count="1">2021-07-14</revised>
+  <bug>773559</bug>
+  <bug>774387</bug>
+  <bug>779760</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-python/pillow" auto="yes" arch="*">
+      <unaffected range="ge">8.2.0</unaffected>
+      <vulnerable range="lt">8.2.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Python Imaging Library (fork)</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Pillow. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Pillow users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-python/pillow-8.2.0"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-25287">CVE-2021-25287</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-25288">CVE-2021-25288</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-25289">CVE-2021-25289</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-25290">CVE-2021-25290</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-25291">CVE-2021-25291</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-25292">CVE-2021-25292</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-25293">CVE-2021-25293</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-27921">CVE-2021-27921</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-27922">CVE-2021-27922</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-27923">CVE-2021-27923</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28675">CVE-2021-28675</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28676">CVE-2021-28676</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28677">CVE-2021-28677</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28678">CVE-2021-28678</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-13T01:09:21Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-14T03:15:19Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-34.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-34.xml
new file mode 100644
index 0000000000..45507b800e
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-34.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-34">
+  <title>FluidSynth: Remote code execution</title>
+  <synopsis>A vulnerability was found in FluidSynth that could result in remote
+    code execution.
+  </synopsis>
+  <product type="ebuild">fluidsynth</product>
+  <announced>2021-07-15</announced>
+  <revised count="1">2021-07-15</revised>
+  <bug>782700</bug>
+  <access>remote</access>
+  <affected>
+    <package name="media-sound/fluidsynth" auto="yes" arch="*">
+      <unaffected range="ge">2.2.0</unaffected>
+      <vulnerable range="lt">2.2.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>FluidSynth is a real-time synthesizer based on the Soundfont 2
+      specifications.
+    </p>
+  </background>
+  <description>
+    <p>FluidSynth contains a use-after-free in sfloader/fluid_sffile.c which
+      occurs when parsing Soundfile 2 files.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted
+      Soundfont 2 file using FluidSynth, possibly resulting in execution of
+      arbitrary code with the privileges of the process or a Denial of Service
+      condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All FluidSynth users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-sound/fluidsynth-2.2.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28421">CVE-2021-28421</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-14T23:27:29Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-15T05:12:31Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-35.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-35.xml
new file mode 100644
index 0000000000..392ebaa6e1
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-35.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-35">
+  <title>OpenSCAD: Buffer overflow</title>
+  <synopsis>A buffer overflow in OpenSCAD might allow remote attacker(s) to
+    execute arbitrary code.
+  </synopsis>
+  <product type="ebuild">openscad</product>
+  <announced>2021-07-15</announced>
+  <revised count="1">2021-07-15</revised>
+  <bug>773217</bug>
+  <access>remote</access>
+  <affected>
+    <package name="media-gfx/openscad" auto="yes" arch="*">
+      <unaffected range="ge">2021.01</unaffected>
+      <vulnerable range="lt">2021.01</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>OpenSCAD is the programmer’s solid 3D CAD modeller.</p>
+  </background>
+  <description>
+    <p>A buffer overflow exists in OpenSCAD when parsing STL files.</p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted STL
+      file using OpenSCAD, possibly resulting in execution of arbitrary code
+      with the privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All OpenSCAD users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-gfx/openscad-2021.01"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-28599">CVE-2020-28599</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-14T23:34:45Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-15T05:18:07Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-36.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-36.xml
new file mode 100644
index 0000000000..f5fc80d844
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-36.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-36">
+  <title>urllib3: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in urllib3, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">urllib3</product>
+  <announced>2021-07-15</announced>
+  <revised count="1">2021-07-15</revised>
+  <bug>776421</bug>
+  <bug>799413</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-python/urllib3" auto="yes" arch="*">
+      <unaffected range="ge">1.26.5</unaffected>
+      <vulnerable range="lt">1.26.5</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The urllib3 library is an HTTP library with thread-safe connection
+      pooling, file post, and more.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in urllib3. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>An attacker could cause a possible Denial of Service condition.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All urllib3 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-python/urllib3-1.26.5"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28363">CVE-2021-28363</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-33503">CVE-2021-33503</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-13T14:50:16Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-15T05:20:38Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-37.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-37.xml
new file mode 100644
index 0000000000..649bc79dca
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-37.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-37">
+  <title>Apache Commons Collections: Remote code execution</title>
+  <synopsis>Apache Commons Collections unsafely deserializes untrusted input,
+    potentially resulting in arbitrary code execution.
+  </synopsis>
+  <product type="ebuild">commons-collections</product>
+  <announced>2021-07-16</announced>
+  <revised count="1">2021-07-16</revised>
+  <bug>739348</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-java/commons-collections" auto="yes" arch="*">
+      <unaffected range="ge">3.2.2</unaffected>
+      <vulnerable range="lt">3.2.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Apache Commons Collections extends the JCF classes with new interfaces,
+      implementations and utilities.
+    </p>
+  </background>
+  <description>
+    <p>Some classes in the Apache Commons Collections functor package
+      deserialized potentially untrusted input by default.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Deserializing untrusted input using Apache Commons Collections could
+      result in remote code execution.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Apache Commons Collections users should upgrade to the latest
+      version:
+    </p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=dev-java/commons-collections-3.2.2"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-15708">CVE-2017-15708</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-14T23:32:40Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-16T04:11:42Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-38.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-38.xml
new file mode 100644
index 0000000000..f727464eb5
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-38.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-38">
+  <title>Apache: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Apache, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">apache</product>
+  <announced>2021-07-17</announced>
+  <revised count="1">2021-07-17</revised>
+  <bug>795231</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-servers/apache" auto="yes" arch="*">
+      <unaffected range="ge">2.4.48</unaffected>
+      <vulnerable range="lt">2.4.48</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The Apache HTTP server is one of the most popular web servers on the
+      Internet.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Apache. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Apache users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-servers/apache-2.4.48"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-17567">CVE-2019-17567</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13950">CVE-2020-13950</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-35452">CVE-2020-35452</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-26690">CVE-2021-26690</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-26691">CVE-2021-26691</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30641">CVE-2021-30641</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-31618">CVE-2021-31618</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-17T03:52:42Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-17T04:57:02Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-39.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-39.xml
new file mode 100644
index 0000000000..42a2dbf5f8
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-39.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-39">
+  <title>Apache Commons FileUpload: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Apache Commons
+    FileUpload, the worst of which could result in a Denial of Service
+    condition.
+  </synopsis>
+  <product type="ebuild">commons-fileupload</product>
+  <announced>2021-07-17</announced>
+  <revised count="1">2021-07-17</revised>
+  <bug>739350</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-java/commons-fileupload" auto="yes" arch="*">
+      <vulnerable range="le">1.3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The Apache Commons FileUpload package makes it easy to add robust,
+      high-performance, file upload capability to your servlets and web
+      applications.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Apache Commons
+      FileUpload. Please review the CVE identifiers referenced below for
+      details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>Gentoo has discontinued support for Apache Commons FileUpload. We
+      recommend that users unmerge it:
+    </p>
+    
+    <code>
+      # emerge --ask --depclean "dev-java/commons-fileupload"
+    </code>
+    
+    <p>NOTE: The Gentoo developer(s) maintaining Apache Commons FileUpload have
+      discontinued support at this time. It may be possible that a new Gentoo
+      developer will update Apache Commons FileUpload at a later date. We do
+      not have a suggestion for a replacement at this time.
+    </p>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2013-0248">CVE-2013-0248</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2014-0050">CVE-2014-0050</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2016-3092">CVE-2016-3092</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-17T04:04:02Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-17T05:07:31Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-40.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-40.xml
new file mode 100644
index 0000000000..3ad90ee21f
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-40.xml
@@ -0,0 +1,56 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-40">
+  <title>MediaWiki: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in MediaWiki, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">mediawiki</product>
+  <announced>2021-07-17</announced>
+  <revised count="1">2021-07-17</revised>
+  <bug>780654</bug>
+  <bug>797661</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-apps/mediawiki" auto="yes" arch="*">
+      <unaffected range="ge">1.36.1</unaffected>
+      <vulnerable range="lt">1.36.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>MediaWiki is a collaborative editing software used by large projects
+      such as Wikipedia.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in MediaWiki. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All MediaWiki users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=www-apps/mediawiki-1.36.1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30152">CVE-2021-30152</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30154">CVE-2021-30154</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30155">CVE-2021-30155</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30157">CVE-2021-30157</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30158">CVE-2021-30158</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30159">CVE-2021-30159</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30458">CVE-2021-30458</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-35197">CVE-2021-35197</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-17T03:41:24Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-17T05:10:27Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-41.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-41.xml
new file mode 100644
index 0000000000..2e01572b21
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-41.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-41">
+  <title>Dovecot: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Dovecot, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">dovecot</product>
+  <announced>2021-07-18</announced>
+  <revised count="2">2021-07-18</revised>
+  <bug>797349</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-mail/dovecot" auto="yes" arch="*">
+      <unaffected range="ge">2.3.14.1</unaffected>
+      <vulnerable range="lt">2.3.14.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Dovecot is an open source IMAP and POP3 email server.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Dovecot. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Dovecot users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-mail/dovecot-2.3.14.1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-29157">CVE-2021-29157</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-33515">CVE-2021-33515</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-17T16:37:03Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-18T03:45:21Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-42.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-42.xml
new file mode 100644
index 0000000000..8b6fc8a9b4
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-42.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-42">
+  <title>PJSIP: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in PJSIP, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">pjproject</product>
+  <announced>2021-07-20</announced>
+  <revised count="1">2021-07-20</revised>
+  <bug>775359</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-libs/pjproject" auto="yes" arch="*">
+      <unaffected range="ge">2.10-r1</unaffected>
+      <vulnerable range="lt">2.10-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>PJSIP is a free and open source multimedia communication library written
+      in C language implementing standard based protocols such as SIP, SDP,
+      RTP, STUN, TURN, and ICE.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in PJSIP. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All PJSIP users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-libs/pjproject-2.10-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-15260">CVE-2020-15260</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21375">CVE-2021-21375</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-16T02:16:25Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-20T03:48:47Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-43.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-43.xml
new file mode 100644
index 0000000000..aa7e48b719
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-43.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-43">
+  <title>RPM: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in RPM, the worst of which
+    could result in remote code execution.
+  </synopsis>
+  <product type="ebuild">rpm</product>
+  <announced>2021-07-20</announced>
+  <revised count="1">2021-07-20</revised>
+  <bug>778533</bug>
+  <bug>787944</bug>
+  <access>remote</access>
+  <affected>
+    <package name="app-arch/rpm" auto="yes" arch="*">
+      <unaffected range="ge">4.16.1.3</unaffected>
+      <vulnerable range="lt">4.16.1.3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>The Red Hat Package Manager (RPM) is a command line driven package
+      management system capable of installing, uninstalling, verifying,
+      querying, and updating computer software packages.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in RPM. Please review the
+      CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All RPM users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=app-arch/rpm-4.16.1.3"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20266">CVE-2021-20266</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20271">CVE-2021-20271</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3421">CVE-2021-3421</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-16T01:57:38Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-20T04:06:54Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-44.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-44.xml
new file mode 100644
index 0000000000..30a974dc96
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-44.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-44">
+  <title>libslirp: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in libslirp, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">libslirp</product>
+  <announced>2021-07-20</announced>
+  <revised count="1">2021-07-20</revised>
+  <bug>796347</bug>
+  <access>local</access>
+  <affected>
+    <package name="net-libs/libslirp" auto="yes" arch="*">
+      <unaffected range="ge">4.6.0</unaffected>
+      <vulnerable range="lt">4.6.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>libslirp is a TCP/IP emulator used to provide virtual networking
+      services.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in libslirp. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All libslirp users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-libs/libslirp-4.6.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3592">CVE-2021-3592</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3593">CVE-2021-3593</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3594">CVE-2021-3594</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-3595">CVE-2021-3595</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-10T00:29:05Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-20T04:11:18Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-45.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-45.xml
new file mode 100644
index 0000000000..253cc37b6d
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-45.xml
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-45">
+  <title>PyCharm Community, Professional: Remote code execution</title>
+  <synopsis>A vulnerability has been found in PyCharm Community and
+    Professional, potentially resulting in arbitrary code execution.
+  </synopsis>
+  <product type="ebuild">pycharm</product>
+  <announced>2021-07-20</announced>
+  <revised count="1">2021-07-20</revised>
+  <bug>797892</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-util/pycharm-community" auto="yes" arch="*">
+      <unaffected range="ge">2021.1.2</unaffected>
+      <vulnerable range="lt">2021.1.2</vulnerable>
+    </package>
+    <package name="dev-util/pycharm-professional" auto="yes" arch="*">
+      <unaffected range="ge">2021.1.2</unaffected>
+      <vulnerable range="lt">2021.1.2</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>PyCharm is the Python IDE for professional developers.</p>
+  </background>
+  <description>
+    <p>Insufficient validation exists within PyCharm’s checks for fetching
+      projects from VCS.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>If a victim can be enticed into fetching a VCS project via PyCharm, a
+      remote attacker could achieve remote code execution.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All PyCharm Community users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=dev-util/pycharm-community-2021.1.2"
+    </code>
+    
+    <p>All PyCharm Professional users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=dev-util/pycharm-professional-2021.1.2"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30005">CVE-2021-30005</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-16T02:00:34Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-20T04:13:01Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-46.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-46.xml
new file mode 100644
index 0000000000..2c4b4415bd
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-46.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-46">
+  <title>mpv: Format string vulnerability</title>
+  <synopsis>A format string vulnerability was found in mpv, potentially
+    resulting in arbitrary code execution.
+  </synopsis>
+  <product type="ebuild">mpv</product>
+  <announced>2021-07-20</announced>
+  <revised count="1">2021-07-20</revised>
+  <bug>780474</bug>
+  <access>remote</access>
+  <affected>
+    <package name="media-video/mpv" auto="yes" arch="*">
+      <unaffected range="ge">0.33.1</unaffected>
+      <vulnerable range="lt">0.33.1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Video player based on MPlayer/mplayer2.</p>
+  </background>
+  <description>
+    <p>mpv uses untrusted input within format strings.</p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted m3u
+      playlist file using mpv, possibly resulting in execution of arbitrary
+      code with the privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All mpv users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-video/mpv-0.33.1"
+    </code>
+    
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30145">CVE-2021-30145</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-16T02:03:07Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-20T04:16:47Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-47.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-47.xml
new file mode 100644
index 0000000000..39653c3ca0
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-47.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-47">
+  <title>libpano13: Format string vulnerability</title>
+  <synopsis>A format string vulnerability has been found in libpano13,
+    potentially resulting in arbitrary code execution.
+  </synopsis>
+  <product type="ebuild">libpano13</product>
+  <announced>2021-07-20</announced>
+  <revised count="1">2021-07-20</revised>
+  <bug>780486</bug>
+  <access>remote</access>
+  <affected>
+    <package name="media-libs/libpano13" auto="yes" arch="*">
+      <unaffected range="ge">2.9.20</unaffected>
+      <vulnerable range="lt">2.9.20</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>libpano13 is Helmut Dersch’s panorama toolbox library.</p>
+  </background>
+  <description>
+    <p>A format string issue exists within panoFileOutputNamesCreate() where
+      unvalidated input is passed directly into the formatter.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could entice a user to open a specially crafted file
+      using libpano13, possibly resulting in execution of arbitrary code with
+      the privileges of the process or a Denial of Service condition.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All libpano13 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-libs/libpano13-2.9.20"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-20307">CVE-2021-20307</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-16T01:54:06Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-20T04:19:22Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-48.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-48.xml
new file mode 100644
index 0000000000..93798cdc8b
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-48.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-48">
+  <title>systemd: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in systemd, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">systemd</product>
+  <announced>2021-07-20</announced>
+  <revised count="1">2021-07-20</revised>
+  <bug>789399</bug>
+  <bug>803041</bug>
+  <access>local, remote</access>
+  <affected>
+    <package name="sys-apps/systemd" auto="yes" arch="*">
+      <unaffected range="ge">248.5</unaffected>
+      <vulnerable range="lt">248.5</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>A system and service manager.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in systemd. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All systemd users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-apps/systemd-248.5"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13529">CVE-2020-13529</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-33910">CVE-2021-33910</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-20T18:35:40Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-20T19:14:28Z">ajak</metadata>
+</glsa>
+
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-49.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-49.xml
new file mode 100644
index 0000000000..66db2e9ee5
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-49.xml
@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-49">
+  <title>Chromium, Google Chrome: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Chromium and Google
+    Chrome, the worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">chromium, google-chrome</product>
+  <announced>2021-07-22</announced>
+  <revised count="2">2021-07-22</revised>
+  <bug>802540</bug>
+  <access>remote</access>
+  <affected>
+    <package name="www-client/chromium" auto="yes" arch="*">
+      <unaffected range="ge">91.0.4472.164</unaffected>
+      <vulnerable range="lt">91.0.4472.164</vulnerable>
+    </package>
+    <package name="www-client/google-chrome" auto="yes" arch="*">
+      <unaffected range="ge">91.0.4472.164</unaffected>
+      <vulnerable range="lt">91.0.4472.164</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Chromium is an open-source browser project that aims to build a safer,
+      faster, and more stable way for all users to experience the web.
+    </p>
+    
+    <p>Google Chrome is one fast, simple, and secure browser for all your
+      devices.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in chromium, and
+      google-chrome. Please review the CVE identifiers referenced below for
+      details.
+    </p>
+  </description>
+  <impact type="high">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Chromium users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/chromium-91.0.4472.164"
+    </code>
+    
+    <p>All Google Chrome users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose
+      "&gt;=www-client/google-chrome-91.0.4472.164"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30541">CVE-2021-30541</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30559">CVE-2021-30559</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30560">CVE-2021-30560</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30561">CVE-2021-30561</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30562">CVE-2021-30562</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30563">CVE-2021-30563</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30564">CVE-2021-30564</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-19T02:47:55Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-22T04:51:59Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-50.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-50.xml
new file mode 100644
index 0000000000..147944a9d2
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-50.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-50">
+  <title>Singularity: Remote code execution</title>
+  <synopsis>A vulnerability in Singularity could result in remote code
+    execution.
+  </synopsis>
+  <product type="ebuild">singularity</product>
+  <announced>2021-07-22</announced>
+  <revised count="1">2021-07-22</revised>
+  <bug>792465</bug>
+  <access>remote</access>
+  <affected>
+    <package name="sys-cluster/singularity" auto="yes" arch="*">
+      <unaffected range="ge">3.7.4</unaffected>
+      <vulnerable range="lt">3.7.4</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Singularity is the container platform for performance sensitive
+      workloads.
+    </p>
+  </background>
+  <description>
+    <p>Singularity always uses the default remote endpoint,
+      ‘cloud.syslabs.io’, for action commands using the ‘library://’
+      URI rather than the configured remote endpoint.
+    </p>
+  </description>
+  <impact type="high">
+    <p>An attacker that that can push a malicious container to the default
+      remote endpoint could execute code on hosts that fetch the container.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Singularity users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=sys-cluster/singularity-3.7.4"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-32635">CVE-2021-32635</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-19T02:57:15Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-22T04:54:09Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-51.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-51.xml
new file mode 100644
index 0000000000..0b667aeb20
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-51.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-51">
+  <title>IcedTeaWeb: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in IcedTeaWeb, the worst
+    of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">icedtea-web</product>
+  <announced>2021-07-23</announced>
+  <revised count="1">2021-07-23</revised>
+  <bug>711392</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-java/icedtea-web" auto="yes" arch="*">
+      <unaffected range="ge">1.8.4-r1</unaffected>
+      <vulnerable range="lt">1.8.4-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>FOSS Java browser plugin and Web Start implementation.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in IcedTeaWeb. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All IcedTeaWeb users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-java/icedtea-web-1.8.4-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-10181">CVE-2019-10181</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-10185">CVE-2019-10185</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-22T03:54:46Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-23T02:56:17Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-52.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-52.xml
new file mode 100644
index 0000000000..bab0fae4e8
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-52.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-52">
+  <title>Apache Velocity: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Apache Velocity, the
+    worst of which could result in the arbitrary execution of code.
+  </synopsis>
+  <product type="ebuild">velocity</product>
+  <announced>2021-07-23</announced>
+  <revised count="1">2021-07-23</revised>
+  <bug>775248</bug>
+  <access>remote</access>
+  <affected>
+    <package name="dev-java/velocity" auto="yes" arch="*">
+      <unaffected range="ge">2.3</unaffected>
+      <vulnerable range="lt">2.3</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Apache Velocity is a general purpose template engine.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Apache Velocity. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Apache Velocity users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=dev-java/velocity-2.3"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13936">CVE-2020-13936</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-13959">CVE-2020-13959</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-23T01:34:53Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-23T03:03:07Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-53.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-53.xml
new file mode 100644
index 0000000000..5b93e892e5
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-53.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-53">
+  <title>Leptonica: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in Leptonica, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">leptonica</product>
+  <announced>2021-07-24</announced>
+  <revised count="3">2021-07-24</revised>
+  <bug>775629</bug>
+  <access>remote</access>
+  <affected>
+    <package name="media-libs/leptonica" auto="yes" arch="*">
+      <unaffected range="ge">1.80.0</unaffected>
+      <vulnerable range="lt">1.80.0</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Leptonica is a C library for image processing and analysis.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in Leptonica. Please
+      review the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All Leptonica users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-libs/leptonica-1.80.0"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-36277">CVE-2020-36277</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-36278">CVE-2020-36278</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-36279">CVE-2020-36279</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-36280">CVE-2020-36280</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-36281">CVE-2020-36281</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-24T02:43:34Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-24T03:05:56Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-54.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-54.xml
new file mode 100644
index 0000000000..83bb578e11
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-54.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-54">
+  <title>libyang: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in libyang, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">libyang</product>
+  <announced>2021-07-24</announced>
+  <revised count="1">2021-07-24</revised>
+  <bug>791373</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-libs/libyang" auto="yes" arch="*">
+      <unaffected range="ge">1.0.236</unaffected>
+      <vulnerable range="lt">1.0.236</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>YANG data modeling language library.</p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in libyang. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All libyang users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-libs/libyang-1.0.236"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28902">CVE-2021-28902</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28903">CVE-2021-28903</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28904">CVE-2021-28904</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28905">CVE-2021-28905</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-28906">CVE-2021-28906</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-24T02:37:39Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-24T03:07:13Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-55.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-55.xml
new file mode 100644
index 0000000000..15738c120b
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202107-55.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202107-55">
+  <title>SDL 2: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in libsdl2, the worst of
+    which could result in a Denial of Service condition.
+  </synopsis>
+  <product type="ebuild">libsdl2</product>
+  <announced>2021-07-24</announced>
+  <revised count="1">2021-07-24</revised>
+  <bug>766204</bug>
+  <access>remote</access>
+  <affected>
+    <package name="media-libs/libsdl2" auto="yes" arch="*">
+      <unaffected range="ge">2.0.14-r1</unaffected>
+      <vulnerable range="lt">2.0.14-r1</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>Simple DirectMedia Layer is a cross-platform development library
+      designed to provide low level access to audio, keyboard, mouse, joystick,
+      and graphics hardware via OpenGL and Direct3D.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in SDL 2. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="low">
+    <p>Please review the referenced CVE identifiers for details.</p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All SDL 2 users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=media-libs/libsdl2-2.0.14-r1"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14409">CVE-2020-14409</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2020-14410">CVE-2020-14410</uri>
+  </references>
+  <metadata tag="requester" timestamp="2021-07-24T02:31:25Z">ajak</metadata>
+  <metadata tag="submitter" timestamp="2021-07-24T03:07:52Z">ajak</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk
index 0090a4e27d..7d44a0782c 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Fri, 15 May 2020 14:08:23 +0000
+Fri, 03 Sep 2021 09:39:05 +0000
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit
index 1e05047643..bbcaf950a9 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit
@@ -1 +1 @@
-8f997a18382e6fd1fe9722aff738fb088141123c 1589546660 2020-05-15T12:44:20+00:00
+7b9e3c731523fe15934efc37e813384c70ecd7b6 1627096087 2021-07-24T03:08:07+00:00