From 64c19a0836fc1dae79ff17ab750352542ac5d6b4 Mon Sep 17 00:00:00 2001
From: Flatcar Buildbot <buildbot@flatcar-linux.org>
Date: Sat, 1 Feb 2025 07:05:18 +0000
Subject: [PATCH] portage-stable/metadata: Monthly GLSA metadata updates

---
 .../portage-stable/metadata/glsa/Manifest     |  30 ++--
 .../metadata/glsa/Manifest.files.gz           | Bin 594915 -> 596663 bytes
 .../metadata/glsa/glsa-202501-01.xml          |  47 ++++++
 .../metadata/glsa/glsa-202501-02.xml          |  49 +++++++
 .../metadata/glsa/glsa-202501-03.xml          |  42 ++++++
 .../metadata/glsa/glsa-202501-04.xml          |  43 ++++++
 .../metadata/glsa/glsa-202501-05.xml          |  42 ++++++
 .../metadata/glsa/glsa-202501-06.xml          |  47 ++++++
 .../metadata/glsa/glsa-202501-07.xml          |  45 ++++++
 .../metadata/glsa/glsa-202501-08.xml          |  48 +++++++
 .../metadata/glsa/glsa-202501-09.xml          | 134 ++++++++++++++++++
 .../metadata/glsa/glsa-202501-10.xml          | 104 ++++++++++++++
 .../metadata/glsa/glsa-202501-11.xml          |  54 +++++++
 .../metadata/glsa/timestamp.chk               |   2 +-
 .../metadata/glsa/timestamp.commit            |   2 +-
 15 files changed, 672 insertions(+), 17 deletions(-)
 create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-01.xml
 create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-02.xml
 create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-03.xml
 create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-04.xml
 create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-05.xml
 create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-06.xml
 create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-07.xml
 create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-08.xml
 create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-09.xml
 create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-10.xml
 create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-11.xml

diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest b/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest
index 6cf0235b2e..ad87ad3ebc 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest
@@ -1,23 +1,23 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA512
 
-MANIFEST Manifest.files.gz 594915 BLAKE2B 220d9175cb1796cb5045abb4a1dd895efa478aa604a6eb3dde800553a73ce6b12ecf630b6574e1fc834659bac119417be17231464d8355e60ed5ed18f51b8044 SHA512 db425e75cb49a2ea05358c8e7f4e366d86628930a1e26279cb8287fe250565842ac004358a56986eb2aa4342ed7217cf30c8f78d97a02ed24483cca80fd1b2eb
-TIMESTAMP 2025-01-01T06:40:41Z
+MANIFEST Manifest.files.gz 596663 BLAKE2B d03f77688298f7e2b1c117787c6f899250317779b0320cb4d08119535bbb454be5ff75faf4d4f6b88394f22fc5ce722770f4e51f537acca0853947165902a3ab SHA512 ca731da057a6d173058e289dcfa3c1e06f0e35cc32aa1f85102f6637f27eb4a9f2444a9eb532f9df30535ce50e36fc4a7976c85eb02dcc7f7b80b4a213ec6d2d
+TIMESTAMP 2025-02-01T06:42:06Z
 -----BEGIN PGP SIGNATURE-----
 
-iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmd042lfFIAAAAAALgAo
+iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmedwj5fFIAAAAAALgAo
 aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
 RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
-klBoyg//VQm7GsyyuffSjKJO3H/YJF558ygX0IxnZPwgQweC9ERRd3NlONm2mlph
-TzmZhAC+PnRGN+QTZh3M/kNuxPytaf6bg9vSNs2v221CHcSqErbzbMAiDO8ZRPoj
-ToTfCC1jH2AoEAAmCWd120MK7nA1dzKx0DSvWhuTv02ssdS9Plj+SJ0SY6stjE3w
-vfyYTvVjsz90UppvVl9zdKPQa5st2ojC9/tJxCFEjTxV1ubGJDI/7TdArgyTTSDg
-rx4Bbc5su4ANjXbYHofhar2X0/YYF6l/bglDMhCJIn8OwOyzWqXufgrmhmnCrCgt
-V6FLxXqWimOmIiIL1YUwUgc3p0JYNuYAwGt5I6Tf/gX2h/4aHOxUvgDdvRf+hoUl
-9USr4sw5qovn+pFdDNwYrZ2+Uat83IYET85Mnlc8sqf3wH8I17lPKOzLtcgtkRND
-i062wD9kU6gCen6fM80vuW4k40UphiAkrLhy8nMaWjBBVbRdXpGddGdOuPk0yX+b
-g+qjOXnkY/rZPek+u0lpS1MPU661IFJgXQs9wFaV9++VXpcpVCyFoyUNhhaIxEH9
-KEQwa8bz2DkoBCeJMYjH3xigcXMavQ9KTrRqkl2lUk1tLf/dBwY3d7Ao8rpCkirO
-AF2w3sJ5hbD7PXm4OEDG3EYt1uQftsnV/UcNB26SVu8UT1tfmR0=
-=IQdp
+klBlXBAAr4sY5iEDzYLEfvubrkiF3uuAHKfIwYSEXfmUWd0Ltv+skBym3Rmr5yp0
+4/+OTE+9CqgqdbnWdlFbQcaBf+dLmZ6Q/CUZ054dbW5EjVchTx1VsKb+zSCyUSky
+Vm4uCHniPN7UgODv/NX8kttdQLojIR+HW0DvAJ6cDb9GFOYpvyilYezK0HuGNkje
+vXWoiBRERytYJ74cigATfNaQ6aVgZAhWB/CMqC4EWW4d9o8e0XIi6TSq2cNgraAu
++Mxa4n7LrMaBFHKy+TNdeirztkHJSKdAAFwscpBZwngl8XwmOR3EIIJyzuvZ9jtY
+uOkoLN+sn16Pz0zyuuonYn5aTu0TkazdEh6MVR2YTz8CcifTt1HcPivRiiB2Wa+e
+50csAbppVN9UvCKMaR+Z+/JBnFP2BcuYNIdW+qUlzGHecB01PBLYBN9AI2HK9Ujn
+AgtQ8uwX49PDief0RQcUlAQ1xQ4wRu4HOgZHxT6XL9LTLVSMedm9/R4CK7uc1s4S
+U5uuC7xkPHXVi8s26wCf4+g7Rx2vVtxCEmevgnnBETD0B9OxECfqf+ZQfqqfwbL3
+JhT2rMejK7WWJC/Owp2syiWwEHEg8pR8XeyqwTSVmeqceJClQGWt0d4cIYSBUW2b
+efiUP+na+uWMxVbQm92Q/UKCrJe/cp9FvHDUyYeGuxun/1u1gXw=
+=4Nub
 -----END PGP SIGNATURE-----
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest.files.gz b/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest.files.gz
index 1b987a323dd7f4fa75694754ead77658b71cec7f..94b3bc076ff3a671151b132cbc714b3e2c5040c4 100644
GIT binary patch
delta 4083
zcmV<P4-D|*rzE$vB!GkggaU*Egam{Iga(8Mgb1_={|bLB$&DoXuT{(n1O^}RSb!kR
z&kQg-;1eSV4GEauKjs`(X5NeL`&V66ofW|#-OcFkW^sG7!;Gx-I)@dvsBa!chQls1
zar1_kmppN||D9|jEv6pZ@toI#JzWl&%(ML<2-1>{?}W?<x&VQwYQ`$H_~_`#K_wEf
z8wsOJxnF;!s+9IUo?1W@96Q)gar-zaLE0nZo_13nI$6UYSY{H|`B+VYRo%u5Qt-GO
z9xm;}YJH(o@YHLDZ0>T!wtW*4DdaWQuTW_+fv6LTyem00m;~eGq7=RoqHvdL3T{&+
zL#vL!8T)juA(sO78l$}F47)@PYvKSD@QB{rY{-9f#8*zVBUe+4)~$Tpj+O!u^fL+$
zGjlpg$i;a-<&T{_R)kBN<zNK|ENDt{75O-qKTiA7JGN`zl2z%YXbDcG37@){X><pg
zU~8Y^*0-e8Tij~S7JBh+OR-brj&YNPc|!Q?GD2!@z%l|2y=Rf8I_C`DKY<;5xM4?p
z^v-{i_j?=*6)QSC%(;fJG!MzCU7k3&TaWB&GOwfDuj;G9iVGm{)IdIs_6^27A%MJ8
z+#(l8njS30^mH*&X#dg&W(hQI{heWaHUSef_{DYKzveKeT9nrK;lL^yli=;c)ZWR)
zmu4$|`15Lg^~=NXUw05|DGlqG++&MekwAY*ba+X}aBHYGC%{(-J<&GonhEexzY4X#
z6>x#94T9ONIx-|$D;{03@^0|W(Ow-rKb`8E=i$(*9SD{o<}1qIY7gpXcMtx;AVF}z
z**!`oIoAO-gC7GeoNg!kocyE&6z?-nGXTs=p+<?I4suR3cuPCPH@zHTo0JW`J<5L;
zu>;HWpu%n>IUf1LN&L3SeYf{EP)0r5XVjOPET?^+_u6W3^6L&<N_MD_T~2|D<~)!6
z93ff()&Pmf5`PWj-#YGD7gV*?0s^ti0_bCh+u;Ac*_=r$2nc&v>8FaJ^dVRww&I-{
zxl9cLJBc)?oL)Ib+e#|&+<LV=z@>lL|Cy8%J=BnPu=dchx<WZ@2j2Ht_Dm)(R#db!
zys{MuXT&h}u=3W2^EDq%;#a?X3U7GpuIi%e;Q;T-`U^S5)D$lpodZ_A4eV;ZvzGDL
zG8?2OQZdX=hZ^TF$kNGDv~W-@il&8BooZ^5!1QBHI*2yn!x0pBQ17j)3i5xZ2Vv1v
zb>3Uebce*)7)7J@YOka%rxxLZ9-k_CKI)6=iJm>HYM4rFheo41-gDCV8tgDm>wxDf
zm~qx{N#!^~f}a36IWjE4X2TDwmA)od-d0PTYt1W}vS24mC)jxM$*S_ffEXp+?2>O8
zTvF97250Dm5p|Fy0Xvq(m;Zm&wFrlX#qsW~0V*srdrMB-CrVsi3pvMFPKA{;k$F{L
zJzS@RIc!OF0#U7pg$_{Fp%9S8MMV(SzD5i(Gg#Q+7ucIRvQK)o#&K)p$iD$)D>i7@
z+@unM7LblGYYE8f2!|DjJU~L{ht>M-mw)SaE0;G8ob`1PU>YDKDx!aWH0`2oR03Zv
zhXTmPBwVFEFDsD5G3~~3Uiz^+(7@igc*m1ff^8Ea90h~XHTH~!mN*>uF^1UE*MZwP
zz9v_Oow%vqlHgmRm2+w-SpsQIRqfoaEyms*DP{AKDRo*O3h65C*ll%#I?Pp@;#@;d
z9UHA5AWQM~`y$Q4d53?!L&Pu`T+@G<pkX)Uht>M(mk)22fQuDhni?B96M?zcGMlpt
z$*DJhAtZ&2qU(oNRV+&C+sOWTvdx!{C9w&LD$6&YZ~;SQLSfI^t8(x-)u^rSVEw>%
zc7>5D`QH4zpBtM-NXW(j&Tc$An@b+4A;;49Z`sz(0jtC^;*NhlW!nfEMD575Gb2`h
zz+=wtu}u2$Dcea3RE{Te(iNW!7EPme&blfb>W`F3IQy_#=Xb68h2<YjZ`sJUCJI|f
zV`({Xpvdl{mlgZ@RCD2mp&fP$0(5L@<}en`gP(lp>w9mh_A}{NX52gaogPhVRBx2a
zRTdj^PCx|xB#?iH3YYUW74>Y(QhRi5_OlQA=yt7Wzf9`6m)?Uqy(xVh)meSK7YY()
zurU0grKW0A+R}cb@^s+S2{0l8Y#vdhl!BN_nq}kjXxdyUtp8!Per}rIqI{O?yJT$G
zd+uBh*x7?idoEg=EW)9}d_cX(0dinReOmrgU-Zno^XPvTylQXuF4-mXkn5Xm$)=B_
zt$}JInr;p6+xf|mMUM7QPSm+&UmcVQvErY(lUIovl7%ze{Pe|dc|#b&HhSW3=>-z@
z7!{}2<CqixZbTy8<q7g>`2e#7LM6Dxls28y9m)>n?ij?SX?gp=6TjtQkGJW9s^kEn
ztG6xOSf+o{vmgh%$nM*YhEq%J0!db6%wn0+Lk>XQY`dwU?&ToB;`j7qfotl43SY7=
zq>HS*>rn;Es1Q~skJ!9p6E>0Rr5kuTH+6VBM;dMdOso03>B?J9Am~M)NrW#JW?XT5
zlFOEE<w-~cxr3y56{+}i*j(Ff?NOCAox~Ilu6Tde{yv+w?g%&oIX`y1d|0ion`YkO
z&01^B({g)rv76UO_7tn0!Lhbk0dlHdlNS<G6=K~b0D-L4*gk(8{p0Ks3^j>txY6(E
zoKF34Mo-@ICX{IYS=!UBL^s7!Z2X%)=+u}=pbYX<XIluFheB5NhHaU^5^XGE9re5>
z^&Eez8;P1#53=#;#TRtD7S1Kq<I*NXKU*RvJ5zfmwwuIkl(nyRAK3j?Wl}}C{&}^2
zY;xb!Gr+(4?Jms_wD<zW5%b3q5JUU==o;kKT-3iKQ(9W!LG^4W{%H|=7>DW>8jUTJ
zW%Qcc`K#*EJi3=%5rCLyc+}Uwl$^Xsf9ijh{?rpWg)B1fV>{^`rFgs0tp*9yQdPUC
z{I?xju&yhV4eZm@F~jS^L$#Jmiz-Kv)z>X^KaGKkP_jiyM0>E8{3t@^4^@*U9)IkE
z0D^ws%j-q^x()RI8Q{d0d$BAh62EOGcG$`>c|t2O1I$mVoA44)dR^VyxhSX6i6MVW
zqN~%L1Ju)mN+6DIp^xyJ1ZOiH7IC$GB%SNGnib*xsgR9(t7qpxB!XuGUx85$oLtpW
z41g;OPQvM7i{)%VB(<G&VS(WA@OvwJLm%`j6y^E>wj1uaPRLYi`~k6}TT$VYcDq(@
z-xikqVYR;c<>On;C#XK-mnOU<9)*9Cy=!H=Uk36CP=JaaswPPWi$dOP!{OC}#F0-1
zHLx{SrlRU`AaURNetQkhI+N|3w^_gLiS0qSIQB({&--|veLcH9fe?~1$l4BhlSH1O
zKKZj}YIk`+-IA2T>Eb6o5TC27b(7h_yoEKjJa@<9rJ#`>!km*^;{uSbq4t0DBXo%4
zeN3;&P8%&htXBGF)vqY;U5v(4!=`GrlONzE0dgxND|M1p2Lvh3s?TJy7-pn!$d6N_
zj5a8BDyn%6JC8wck^M>1f%um+t#0Wa+f~|8B5GQmfD`1&$$g1{KaPNEh^DA90J!Vo
z$AX0Ri0!?zTSeK6L)}a*HJyJvs5bRDAfIiXwUK8jy%y|+VfjN;X;)Xrq)N}2wsaBs
z!&dL&+jO=j>wC2itMy~`@NU~yybsJ-3Cf^?AnX9>%>Jv>1Ju0m*F`R=$q%d(Y-*|I
z)K<4huF-T+9dkNoKqeg`w*n|*r*-+>)$9XzfQ7ZH)&lj8P(SCV=Hq`56)&So@Ua`}
z_nN4u#rJuDt-xUz6k*TmEeF=D46z}smYqGFhB8e~{dj{C;z_%kbqL<7vY{S3=&q#%
zMX<MB!&K6ol%GDV);E^V?-tCgty2ZvqRZ+qRvt}p7&a}a+DndLdqQUimNTB5G-oVS
z#f>)EU8QMx?;Xi8RLFnlNS)5|-p)>dg&fgV6NkssZIhpJfzpdlna6x7cpmm30g)ct
z*9i>r6Ej3D)=VPQIXPqn3J~rOPKa}r>ZwhOy4w^^6_Y(abJ|Gg{T76J$;<R89%7`c
z_RJwaE4!1GJM<qsWBIUJ-?Oi8Jkjw+wygRaOE-1pc-a%(%W;3jewKQdXHkNF@M9l~
z_4@B=uoN`ah3_~c6*zsB$Xr5+zhvANurd`zh!h*;kU(AlJsbs~Kg-4W$>k@?>uWwj
z7IgU)AP!FrIv8YPGjFCSeb%^|c(ctPRB0luS{jayWo3uvy>PNccBwvUtS|Gvq>km3
ztt_VwPUQ)L{U3jwP08k9{r@=ox>xI49X7tJ{&d9>?o-(c_Lw%7rwVGf6G&Zutz$;8
z^U|I)KRT~DoD7F|r6%tY*kQ_wDxZ?HV1d>;2&-E~DMWfD&9X5S<O?!Pm4H`I$Mc^0
zvesJba3wERIIfc{vy@z4wh6+V**vO3D1w|gu1$Jzia~#S2EY}<Len=_H8Hlf`&;`<
z*u|2Ns6k}^n+<*NXtha>W@Cox^w5|ZKdja_mVdMN?n)7Q?U!!7uumg?xYVL?Kv>5c
zOD^#Gs(G3aU5L*a={8pxse><blC5SY{5MCLIhI2&LmnkUc8Pw2OdfR7<o%K@X9<?6
zP{YstmVSSiNzYlu2l<m^5F^TE#eoe5F>M(~N2&K91i9C(Z2@ZT>2m0MCWP#9{#;MK
zu@D8^0nl;WhmWSG<;7}E1yk~4-9aH4KG28N`i13ftAEvep1wug*)&c=k<3bo=W#as
zOxP7l)eP?+PQ`RI(;JSLW&Jx2*gu;-WSf=7Fo=JuA`x|;cQR*GGH!H2@i>MpeoH|b
z??s(0at5>i<V0&6?8fGN`rdsGczKa+Q#m_eciHUWGPTo(4dLx3OI}NJS_K9ir!PQf
z^*V02O`8CCe!-*a5Se^rHXsDz(Sp88`$Oj(?Ay#guh!SSe7WE1iS|f2QR9Toc7TtL
zGYEfhz!|`=+||D%#aOLTE<`PzEiOp}Q74!rsi*ceR9wk5ir%0S2NB)!xAc&3ckGfq
zJ1XBbjqQVVIo$lh^4@(d0jMZ@J(}H-&1}fH4)!)tJOF){)q>{O2V?=HJp6?0aUvy=
z#8%3v;{ls$Yq@|1i!-m}ZpU7tO$PRr6H0$ogG@^umy57}eORq8ET7+UqQ-OGlcYXg
z*Xn6YxO(-iZjXcUw%-!QSYsWx^i+wLW|Vu>Gdn~%-0eYnGUmR&A-`#mNwiYaDC$Y7
z$(>B|CfsOfv7~_Mr(ZsL|E!&iUV^~ArsVRh`6SZsKHx3*l1V!XSdnXq39w>9f|pkz
z+r=_*{>wJY)`h0=`QTW&E;W%esau_O|0b9}sp-ZxZ5jo#@$>x4fByZy{`-Ia_8-6h
l<G1;Lzt`XX{n!4#|NQWq|N8B>fBgQJ{|DsV1OF*V5dZ>Y4e9^@

delta 2321
zcmV+s3GVi{wIt)GB!GkggaU*Egam{Iga(8Mgb1_={|bNQwt*n}?^R?40ZEAxwSXYV
zPXc5Id<iiEBLU+5Bj@lwW&qEheQ`Y=QDk=)ySgeZZ+4K8onGg#(h~LEM;76*%S_xn
z;prt$TJ*nzZKTE2B^}RsJ<!wXkjXsSX9Yo8((#>;nW!$PKvXqjm0G%V^yHut3D}K<
z(ObD+rK*3F_KjD~R1_RL&`);zI4MEeBjX;jDWgu-APAP3gmqkYlR#C)ctHvtr^Ca!
zy;!aH>XdrwF+(<2yJFeCSrRGaHSV`iX)*z*6N<bmi5g5&<Lp@}d?iG|F4Yv=rb>o(
z9Vutz>6}9>McHeN@}@Ja7B#4e1CXgl^yX$mZZUs7a-xh}O)Xlt^HCfvr9{xrC^*c_
z=_Da%=lzsFcJf#eE^U^B9UN*wQ<AI5%Q^ix?Mq8)=ei}U!b__qFqI~J>SAuAJJ1AL
zdlk1nB&D9>R&%z{i+3r-PLVstO%~=Gf@g0dq~-=JBc-ADEW%XhoT>K@$_`%KkP)A}
z^W=Z|F2_Qx6&)VtTmx8|hvd*M&pNo<kL+qP-!Yd*_f=uVn?m5Kfqa_e4W@kp0C}ji
zL@wesJy?qA>0+eN{;3blZJ|;0cLwoE0w!qihqIKoIgF_mr9FNyu!_bcczKxGJ4t+L
zQt`u&tM$&82jM^NAnsdfSjXfpDRNl=CD4E2Asxf5p-N5wuMm2YH0-();FEq8YJV%>
z0$3Xav!XgOAX+OPU9t8>@ZFPK9X&st>YGP&XjKM+ZHW1Z@<r`I{p`x%7X}G}1J3SI
zGRe6Ppc(j>(!%L>vd_UMZIt4D?$ZnavQnr~AgF_!6Aj+d4(pqqV^}6-LvN3~MC^a4
zWqMFyH<29U{^BHl*yKLjdmAW|p6xT~OHG#3zR!DYH8}Zmr(D`(sE}O_3l+_IF8LfG
z*#Xu7iO7=PhVhGzd-erYZMA_w?6LuR$#5I|>%!*Tw1NPzhkN_%Vkmt`t&m#wPK{iq
z27yc>4JxNsj!9ZcC7#=_mIIud{Lg<)Ink(ww1c%#%jyc`kPf`=v*b)}UaY8SX?SHT
z63&QW>|y1tqw_T{PU1UXehW|aR;lWu>)`<I+VvN5im54HHaZ8adK=i)d}l3FTrwM^
zCQ>oTPlp=kFv!xIt!T?ZwJ4evQgy1SNdnW4b<;t#5g%eu+(Es!t}4ir9)y2QQ`LEk
zn&}RSu`#kn?NzR%lvA7VL61+BJTLV{^+ex2t7@1EY==gpI^J{Ac^m97PU`^YDwuK9
za0=x(LKZ&(a1wV=f@H%NtF^sPt~{-lb*??H&6EW?xpjg~2d}IuA50OWq?;`Hwo{i>
zb&IJpbiznF$dZ5^%i_(yu@-;9(4aV;y)}vo+sxjQ6ZeS{r`JNxG3G;IB~4@=-B%CS
zAz%(mQk_6lYqZfpRTUKivbm@T!o98$gUAdN7JUP2Qz!OGul6{KMvnX+K(;JFLvoW!
z2wFfo!mK4Ak7GHkKxCv6I$o^S2Vee)?Uqk(960OuNq}h-AxRPS*tCC(mZ(I1c{>z9
zHYVXJ?RnaPB#vn}w(qxo><%=rcTS%1V3k1IL<mR0Ky-~gW1}Sv$9;?;Qu;dO_MRS-
zD?=vkR*N9GD711+EhTdxt*NTLw{wZHcSlOud}K<U)`vp6N;`I`Za{~5*QPkv&{IdE
z^+m~&z5PB(vtZsKcZh!&27+t)FB3FmL%vw8cfNdhvIM+Y@mo`4Bj-k7?lsTm?84^M
z8-*btg^Z%>hgMZA%GQ^W{dMh<FC9x_6J%AE3$O5|3>685HEXZR!R1t=w!VY)qrQ_B
zMylj}^Ld{)HjR+58v{7I>F8`OaioSEx4wV3v~CVqC6*C)^eKN^M$lB$j!Zi<V&{i?
z%-KDbNk2YiJ4u1c@$8&*#V3PJ)1;lVt_o58kvs`!FIMaL=v6;z`AgGVHnP-2%NEku
zb~|vO$nK?=75n*6bD@CHqHIA59ZAg`#;kepwMTt@%aUq8HXX~1d$E`8(zHhPMzLIF
zu>t1<M5>>S%0qvJ%lVj!x|U_B99_wN@}OgvwW9qpsi)j}59;)$^l?&W_3~aQ2$-pb
z!4GX~sy1y)+HX|89rfv?Fd_mh9Fc{T7BQ7H%f{!cX>+Bp{)^T6ylH-l^1E2yC1b;u
zxpF<l&Kg`=bJ5yl5e^mRqtr_rAP08Tr{%BuqVGIAU)_I(SM5#ik}R2vT;HT6n?5#e
z4OAP^bZdCu&L;yFIoh8&QRkL*b&w~(ivOl;UL|Ts7LHK(^qU`fLm0v`dg8bA0tsu3
ziqq?H+!O$AL?Yeg3G&<R7nnH^DydscY128~q3qD!9fLSEEpIPy;)gtJe3~w(N)8aZ
zdRxMcc`AQBOXVPotP~jyhnCtIkgUj<%`&Bj9DpipyQ!h>=^(((&-7#gYwCdtUa~Kw
zi>%!Bq=IEq2&<DvB=1PVCQ?0g15f9sqPKIT;bwtpH-C|?yyc_>Jqa`$;fsYCXIh@*
zqNSod35j6uR8l;OP<%RUuI;w=sLGm7VhRV>dRBjapQNplD9)&yFBvZ{R_pzynP+&i
z)*AD$-QHa6<~5R>V%0M^){+$fr|LC%Au&}U)?I=kkhL1i=Z~Wwk1oJalSsmien-c2
z>W4FW@RWs6qWNcTSGN=06ibo#H$SUWV<v$zh*O<yA!J5{tmK9*nZTSR7O{?cUXyy_
z-Hm@l&8`R8`0(NjxLq^n66kSi6QZ9jk&~UNJrmnaU^eo-u68fb{ZeI8MY;aCTAwz#
zPwE-ezxwUonjvWMMHNTPAGZZDu&<A<L2li%`gdeXTMK+qJ==+YTEs@<P+dZ!sqJJL
zz2;W_s=73f?qye^K-_1z)Ym_ioIFW?>XvnW_7gdUEHcj{owOt&-fDEKK?1Z?)h;Rj
zEn^GRb%wkO`)%r&;dNnDt>x6B%28zXb@N=`#y~|VS)wFXd!U#7QiRM8Rg)&Mo?m|Z
r_4hyi{N<<bU%$=&zSnR6{@nli`^69c`S$JW_b>kgx`WQUFFO$ci6?-i

diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-01.xml
new file mode 100644
index 0000000000..864723609d
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-01.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202501-01">
+    <title>rsync: Multiple Vulnerabilities</title>
+    <synopsis>Multiple vulnerabilities have been discovered in rsync, the worst of which could lead to arbitrary code execution.</synopsis>
+    <product type="ebuild">rsync</product>
+    <announced>2025-01-15</announced>
+    <revised count="1">2025-01-15</revised>
+    <bug>948106</bug>
+    <access>remote</access>
+    <affected>
+        <package name="net-misc/rsync" auto="yes" arch="*">
+            <unaffected range="ge">3.3.0-r2</unaffected>
+            <vulnerable range="lt">3.3.0-r2</vulnerable>
+        </package>
+    </affected>
+    <background>
+        <p>rsync is a server and client utility that provides fast incremental file transfers. It is used to efficiently synchronize files between hosts and is used by emerge to fetch Gentoo&#39;s Portage tree.</p>
+    </background>
+    <description>
+        <p>Multiple vulnerabilities have been discovered in rsync. Please review the CVE identifiers referenced below for details.</p>
+    </description>
+    <impact type="high">
+        <p>Please review the referenced CVE identifiers for details.</p>
+    </impact>
+    <workaround>
+        <p>There is no known workaround at this time.</p>
+    </workaround>
+    <resolution>
+        <p>All rsync users should upgrade to the latest version:</p>
+        
+        <code>
+          # emerge --sync
+          # emerge --ask --oneshot --verbose ">=net-misc/rsync-3.3.0-r2"
+        </code>
+    </resolution>
+    <references>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-12084">CVE-2024-12084</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-12085">CVE-2024-12085</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-12086">CVE-2024-12086</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-12087">CVE-2024-12087</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-12088">CVE-2024-12088</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-12747">CVE-2024-12747</uri>
+    </references>
+    <metadata tag="requester" timestamp="2025-01-15T17:18:08.215935Z">sam</metadata>
+    <metadata tag="submitter" timestamp="2025-01-15T17:18:08.218034Z">sam</metadata>
+</glsa>
\ No newline at end of file
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-02.xml
new file mode 100644
index 0000000000..1f914bd82f
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-02.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202501-02">
+    <title>GIMP: Multiple Vulnerabilities</title>
+    <synopsis>Multiple vulnerabilities have been discovered in GIMP, the worst of which can lead to arbitrary code execution.</synopsis>
+    <product type="ebuild">gimp</product>
+    <announced>2025-01-17</announced>
+    <revised count="2">2025-01-18</revised>
+    <bug>845402</bug>
+    <bug>856283</bug>
+    <bug>917406</bug>
+    <access>remote</access>
+    <affected>
+        <package name="media-gfx/gimp" auto="yes" arch="*">
+            <unaffected range="ge">2.10.36</unaffected>
+            <vulnerable range="lt">2.10.36</vulnerable>
+        </package>
+    </affected>
+    <background>
+        <p>GIMP is the GNU Image Manipulation Program. XCF is the native image file format used by GIMP.</p>
+    </background>
+    <description>
+        <p>Multiple vulnerabilities have been discovered in GIMP. Please review the CVE identifiers referenced below for details.</p>
+    </description>
+    <impact type="high">
+        <p>Please review the referenced CVE identifiers for details.</p>
+    </impact>
+    <workaround>
+        <p>There is no known workaround at this time.</p>
+    </workaround>
+    <resolution>
+        <p>All GIMP users should upgrade to the latest version:</p>
+        
+        <code>
+          # emerge --sync
+          # emerge --ask --oneshot --verbose ">=media-gfx/gimp-2.10.36"
+        </code>
+    </resolution>
+    <references>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-30067">CVE-2022-30067</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-32990">CVE-2022-32990</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-44441">CVE-2023-44441</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-44442">CVE-2023-44442</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-44443">CVE-2023-44443</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-44444">CVE-2023-44444</uri>
+    </references>
+    <metadata tag="requester" timestamp="2025-01-17T07:05:31.622583Z">graaff</metadata>
+    <metadata tag="submitter" timestamp="2025-01-17T07:05:31.625362Z">graaff</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-03.xml
new file mode 100644
index 0000000000..63c8aa1442
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-03.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202501-03">
+    <title>pip: arbitrary configuration injection</title>
+    <synopsis>A vulnerability has been discovered in pip, which could lead to arbitrary configuration options being injected.</synopsis>
+    <product type="ebuild">pip</product>
+    <announced>2025-01-17</announced>
+    <revised count="1">2025-01-17</revised>
+    <bug>918427</bug>
+    <access>local</access>
+    <affected>
+        <package name="dev-python/pip" auto="yes" arch="*">
+            <unaffected range="ge">23.3</unaffected>
+            <vulnerable range="lt">23.3</vulnerable>
+        </package>
+    </affected>
+    <background>
+        <p>pip is a tool for installing and managing Python packages.</p>
+    </background>
+    <description>
+        <p>Multiple vulnerabilities have been discovered in pip. Please review the CVE identifiers referenced below for details.</p>
+    </description>
+    <impact type="normal">
+        <p>When installing a package from a Mercurial VCS URL  (ie &#34;pip install hg+...&#34;), the specified Mercurial revision could be used to inject arbitrary configuration options to the &#34;hg clone&#34; call (ie &#34;--config&#34;). Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability does not affect users who aren&#39;t installing from Mercurial.</p>
+    </impact>
+    <workaround>
+        <p>There is no known workaround at this time.</p>
+    </workaround>
+    <resolution>
+        <p>All pip users should upgrade to the latest version:</p>
+        
+        <code>
+          # emerge --sync
+          # emerge --ask --oneshot --verbose ">=dev-python/pip-23.3"
+        </code>
+    </resolution>
+    <references>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-5752">CVE-2023-5752</uri>
+    </references>
+    <metadata tag="requester" timestamp="2025-01-17T07:08:02.410954Z">graaff</metadata>
+    <metadata tag="submitter" timestamp="2025-01-17T07:08:02.413296Z">graaff</metadata>
+</glsa>
\ No newline at end of file
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-04.xml
new file mode 100644
index 0000000000..c4de715082
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-04.xml
@@ -0,0 +1,43 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202501-04">
+    <title>Yubico pam-u2f: Partial Authentication Bypass</title>
+    <synopsis>A vulnerability has been discovered in Yubico pam-u2f, which can lead to a partial authentication bypass.</synopsis>
+    <product type="ebuild">pam_u2f</product>
+    <announced>2025-01-23</announced>
+    <revised count="1">2025-01-23</revised>
+    <bug>948201</bug>
+    <access>local</access>
+    <affected>
+        <package name="sys-auth/pam_u2f" auto="yes" arch="*">
+            <unaffected range="ge">1.3.2</unaffected>
+            <vulnerable range="lt">1.3.2</vulnerable>
+        </package>
+    </affected>
+    <background>
+        <p>Yubico pam-u2f is a PAM module for FIDO2 and U2F keys.</p>
+    </background>
+    <description>
+        <p>Multiple vulnerabilities have been discovered in Yubico pam-u2f. Please review the CVE identifiers referenced below for details.</p>
+    </description>
+    <impact type="high">
+        <p>Depending on specific settings and usage scenarios the result of the pam-u2f module may be altered or ignored.</p>
+    </impact>
+    <workaround>
+        <p>There is no known workaround at this time.</p>
+    </workaround>
+    <resolution>
+        <p>All Yubico pam-u2f users should upgrade to the latest version:</p>
+        
+        <code>
+          # emerge --sync
+          # emerge --ask --oneshot --verbose ">=sys-auth/pam_u2f-1.3.2"
+        </code>
+    </resolution>
+    <references>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-23013">CVE-2025-23013</uri>
+        <uri link="https://www.yubico.com/support/security-advisories/YSA-2025-01">YSA-2025-01</uri>
+    </references>
+    <metadata tag="requester" timestamp="2025-01-23T06:15:02.537459Z">graaff</metadata>
+    <metadata tag="submitter" timestamp="2025-01-23T06:15:02.541001Z">graaff</metadata>
+</glsa>
\ No newline at end of file
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-05.xml
new file mode 100644
index 0000000000..db168d63df
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-05.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202501-05">
+    <title>libuv: Hostname Truncation</title>
+    <synopsis>A vulnerability has been discovered in libuv, where hostname truncation can lead to attacker-controlled lookups.</synopsis>
+    <product type="ebuild">libuv</product>
+    <announced>2025-01-23</announced>
+    <revised count="1">2025-01-23</revised>
+    <bug>924127</bug>
+    <access>remote</access>
+    <affected>
+        <package name="dev-libs/libuv" auto="yes" arch="*">
+            <unaffected range="ge">1.48.0</unaffected>
+            <vulnerable range="lt">1.48.0</vulnerable>
+        </package>
+    </affected>
+    <background>
+        <p>libuv is a multi-platform support library with a focus on asynchronous I/O.</p>
+    </background>
+    <description>
+        <p>Multiple vulnerabilities have been discovered in libuv. Please review the CVE identifiers referenced below for details.</p>
+    </description>
+    <impact type="normal">
+        <p>The uv_getaddrinfo function in src/unix/getaddrinfo.c truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to create addresses like 0x00007f000001, which are considered valid by getaddrinfo and could allow an attacker to craft payloads that resolve to unintended IP addresses, bypassing developer checks.</p>
+    </impact>
+    <workaround>
+        <p>There is no known workaround at this time.</p>
+    </workaround>
+    <resolution>
+        <p>All libuv users should upgrade to the latest version:</p>
+        
+        <code>
+          # emerge --sync
+          # emerge --ask --oneshot --verbose ">=dev-libs/libuv-1.48.0"
+        </code>
+    </resolution>
+    <references>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-24806">CVE-2024-24806</uri>
+    </references>
+    <metadata tag="requester" timestamp="2025-01-23T06:16:58.811764Z">graaff</metadata>
+    <metadata tag="submitter" timestamp="2025-01-23T06:16:58.815474Z">graaff</metadata>
+</glsa>
\ No newline at end of file
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-06.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-06.xml
new file mode 100644
index 0000000000..eb611460ca
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-06.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202501-06">
+    <title>GPL Ghostscript: Multiple Vulnerabilities</title>
+    <synopsis>Multiple vulnerabilities have been discovered in GPL Ghostscript, the worst of which could lead to arbitrary code execution.</synopsis>
+    <product type="ebuild">ghostscript-gpl</product>
+    <announced>2025-01-23</announced>
+    <revised count="1">2025-01-23</revised>
+    <bug>942639</bug>
+    <access>remote</access>
+    <affected>
+        <package name="app-text/ghostscript-gpl" auto="yes" arch="*">
+            <unaffected range="ge">10.04.0</unaffected>
+            <vulnerable range="lt">10.04.0</vulnerable>
+        </package>
+    </affected>
+    <background>
+        <p>Ghostscript is an interpreter for the PostScript language and for PDF.</p>
+    </background>
+    <description>
+        <p>Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details.</p>
+    </description>
+    <impact type="high">
+        <p>Please review the referenced CVE identifiers for details.</p>
+    </impact>
+    <workaround>
+        <p>There is no known workaround at this time.</p>
+    </workaround>
+    <resolution>
+        <p>All GPL Ghostscript users should upgrade to the latest version:</p>
+        
+        <code>
+          # emerge --sync
+          # emerge --ask --oneshot --verbose ">=app-text/ghostscript-gpl-10.04.0"
+        </code>
+    </resolution>
+    <references>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-46951">CVE-2024-46951</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-46952">CVE-2024-46952</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-46953">CVE-2024-46953</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-46954">CVE-2024-46954</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-46955">CVE-2024-46955</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-46956">CVE-2024-46956</uri>
+    </references>
+    <metadata tag="requester" timestamp="2025-01-23T06:18:34.082233Z">graaff</metadata>
+    <metadata tag="submitter" timestamp="2025-01-23T06:18:34.085244Z">graaff</metadata>
+</glsa>
\ No newline at end of file
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-07.xml
new file mode 100644
index 0000000000..5181122006
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-07.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202501-07">
+    <title>libgsf: Multiple Vulnerabilities</title>
+    <synopsis>Multiple vulnerabilities have been discovered in libgsf, the worst of which can lead to arbitrary code execution.</synopsis>
+    <product type="ebuild">libgsf</product>
+    <announced>2025-01-23</announced>
+    <revised count="1">2025-01-23</revised>
+    <bug>940777</bug>
+    <access>remote</access>
+    <affected>
+        <package name="gnome-extra/libgsf" auto="yes" arch="*">
+            <unaffected range="ge">1.14.53</unaffected>
+            <vulnerable range="lt">1.14.53</vulnerable>
+        </package>
+    </affected>
+    <background>
+        <p>The GNOME Structured File Library is an I/O library that can read and write common file types and handle structured formats that provide file-system-in-a-file semantics.</p>
+    </background>
+    <description>
+        <p>Multiple vulnerabilities have been discovered in libgsf. Please review the CVE identifiers referenced below for details.</p>
+    </description>
+    <impact type="high">
+        <p>Please review the referenced CVE identifiers for details.</p>
+    </impact>
+    <workaround>
+        <p>There is no known workaround at this time.</p>
+    </workaround>
+    <resolution>
+        <p>All libgsf users should upgrade to the latest version:</p>
+        
+        <code>
+          # emerge --sync
+          # emerge --ask --oneshot --verbose ">=gnome-extra/libgsf-1.14.53"
+        </code>
+    </resolution>
+    <references>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-36474">CVE-2024-36474</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-42415">CVE-2024-42415</uri>
+        <uri>TALOS-2024-2068</uri>
+        <uri>TALOS-2024-2069</uri>
+    </references>
+    <metadata tag="requester" timestamp="2025-01-23T06:25:02.419159Z">graaff</metadata>
+    <metadata tag="submitter" timestamp="2025-01-23T06:25:02.421783Z">graaff</metadata>
+</glsa>
\ No newline at end of file
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-08.xml
new file mode 100644
index 0000000000..153f3a3771
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-08.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202501-08">
+    <title>Qt: Buffer Overflow</title>
+    <synopsis>A vulnerability has been discovered in Qt, where a buffer overflow can lead to denial of service.</synopsis>
+    <product type="ebuild">qtbase,qtcore</product>
+    <announced>2025-01-23</announced>
+    <revised count="1">2025-01-23</revised>
+    <bug>911790</bug>
+    <access>local</access>
+    <affected>
+        <package name="dev-qt/qtbase" auto="yes" arch="*">
+            <unaffected range="ge">6.5.2</unaffected>
+            <vulnerable range="lt">6.5.2</vulnerable>
+        </package>
+        <package name="dev-qt/qtcore" auto="yes" arch="*">
+            <unaffected range="ge">5.15.10-r1</unaffected>
+            <vulnerable range="lt">5.15.10-r1</vulnerable>
+        </package>
+    </affected>
+    <background>
+        <p>Qt is a cross-platform application development framework.</p>
+    </background>
+    <description>
+        <p>When given specifically crafted data then QXmlStreamReader can end up causing a buffer overflow and subsequently a crash or freeze or get out of memory on recursive entity expansion, with DTD tokens in XML body.</p>
+    </description>
+    <impact type="normal">
+        <p>Please review the referenced CVE identifiers for details.</p>
+    </impact>
+    <workaround>
+        <p>There is no known workaround at this time.</p>
+    </workaround>
+    <resolution>
+        <p>All Qt users should upgrade to the latest version:</p>
+        
+        <code>
+          # emerge --sync
+          # emerge --ask --oneshot --verbose ">=dev-qt/qtcore-5.15.10-r1"
+          # emerge --ask --oneshot --verbose ">=dev-qt/qtbase-6.5.2"
+        </code>
+    </resolution>
+    <references>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-37369">CVE-2023-37369</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-38197">CVE-2023-38197</uri>
+    </references>
+    <metadata tag="requester" timestamp="2025-01-23T07:21:01.913237Z">graaff</metadata>
+    <metadata tag="submitter" timestamp="2025-01-23T07:21:01.915567Z">graaff</metadata>
+</glsa>
\ No newline at end of file
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-09.xml
new file mode 100644
index 0000000000..9969734249
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-09.xml
@@ -0,0 +1,134 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202501-09">
+    <title>QtWebEngine: Multiple Vulnerabilities</title>
+    <synopsis>Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.</synopsis>
+    <product type="ebuild">qtwebengine</product>
+    <announced>2025-01-23</announced>
+    <revised count="1">2025-01-23</revised>
+    <bug>944807</bug>
+    <access>remote</access>
+    <affected>
+        <package name="dev-qt/qtwebengine" auto="yes" arch="*">
+            <unaffected range="ge">5.15.16_p20241115</unaffected>
+            <vulnerable range="lt">5.15.16_p20241115</vulnerable>
+        </package>
+    </affected>
+    <background>
+        <p>QtWebEngine is a library for rendering dynamic web content in Qt5 and Qt6 C++ and QML applications.</p>
+    </background>
+    <description>
+        <p>Multiple vulnerabilities have been discovered in QtWebEngine. Please review the CVE identifiers referenced below for details.</p>
+    </description>
+    <impact type="high">
+        <p>Please review the referenced CVE identifiers for details.</p>
+    </impact>
+    <workaround>
+        <p>There is no known workaround at this time.</p>
+    </workaround>
+    <resolution>
+        <p>All QtWebEngine users should upgrade to the latest version:</p>
+        
+        <code>
+          # emerge --sync
+          # emerge --ask --oneshot --verbose ">=dev-qt/qtwebengine-5.15.16_p20241115"
+        </code>
+    </resolution>
+    <references>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-4058">CVE-2024-4058</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-4059">CVE-2024-4059</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-4060">CVE-2024-4060</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-4558">CVE-2024-4558</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-4559">CVE-2024-4559</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-4761">CVE-2024-4761</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5157">CVE-2024-5157</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5158">CVE-2024-5158</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5159">CVE-2024-5159</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5160">CVE-2024-5160</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5830">CVE-2024-5830</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5831">CVE-2024-5831</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5832">CVE-2024-5832</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5833">CVE-2024-5833</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5834">CVE-2024-5834</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5835">CVE-2024-5835</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5836">CVE-2024-5836</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5837">CVE-2024-5837</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5838">CVE-2024-5838</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5839">CVE-2024-5839</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5840">CVE-2024-5840</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5841">CVE-2024-5841</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5842">CVE-2024-5842</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5843">CVE-2024-5843</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5844">CVE-2024-5844</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5845">CVE-2024-5845</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5846">CVE-2024-5846</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-5847">CVE-2024-5847</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-6290">CVE-2024-6290</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-6291">CVE-2024-6291</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-6292">CVE-2024-6292</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-6293">CVE-2024-6293</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-6988">CVE-2024-6988</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-6989">CVE-2024-6989</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-6991">CVE-2024-6991</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-6994">CVE-2024-6994</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-6995">CVE-2024-6995</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-6996">CVE-2024-6996</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-6997">CVE-2024-6997</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-6998">CVE-2024-6998</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-6999">CVE-2024-6999</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7000">CVE-2024-7000</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7001">CVE-2024-7001</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7003">CVE-2024-7003</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7004">CVE-2024-7004</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7005">CVE-2024-7005</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7532">CVE-2024-7532</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7533">CVE-2024-7533</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7534">CVE-2024-7534</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7535">CVE-2024-7535</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7536">CVE-2024-7536</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7550">CVE-2024-7550</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7964">CVE-2024-7964</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7965">CVE-2024-7965</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7966">CVE-2024-7966</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7967">CVE-2024-7967</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7968">CVE-2024-7968</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7969">CVE-2024-7969</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7971">CVE-2024-7971</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7972">CVE-2024-7972</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7973">CVE-2024-7973</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7974">CVE-2024-7974</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7975">CVE-2024-7975</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7976">CVE-2024-7976</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7977">CVE-2024-7977</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7978">CVE-2024-7978</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7979">CVE-2024-7979</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7980">CVE-2024-7980</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-7981">CVE-2024-7981</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-8033">CVE-2024-8033</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-8034">CVE-2024-8034</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-8035">CVE-2024-8035</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-8193">CVE-2024-8193</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-8194">CVE-2024-8194</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-8198">CVE-2024-8198</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-8636">CVE-2024-8636</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-8637">CVE-2024-8637</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-8638">CVE-2024-8638</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-8639">CVE-2024-8639</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-9120">CVE-2024-9120</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-9121">CVE-2024-9121</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-9122">CVE-2024-9122</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-9123">CVE-2024-9123</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-9602">CVE-2024-9602</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-9603">CVE-2024-9603</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-10229">CVE-2024-10229</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-10230">CVE-2024-10230</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-10231">CVE-2024-10231</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-10826">CVE-2024-10826</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-10827">CVE-2024-10827</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-45490">CVE-2024-45490</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-45491">CVE-2024-45491</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-45492">CVE-2024-45492</uri>
+    </references>
+    <metadata tag="requester" timestamp="2025-01-23T07:22:20.140856Z">graaff</metadata>
+    <metadata tag="submitter" timestamp="2025-01-23T07:22:20.142818Z">graaff</metadata>
+</glsa>
\ No newline at end of file
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-10.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-10.xml
new file mode 100644
index 0000000000..e8e9b1c0ac
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-10.xml
@@ -0,0 +1,104 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202501-10">
+    <title>Mozilla Firefox: Multiple Vulnerabilities</title>
+    <synopsis>Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.</synopsis>
+    <product type="ebuild">firefox,firefox-bin</product>
+    <announced>2025-01-23</announced>
+    <revised count="1">2025-01-23</revised>
+    <bug>942469</bug>
+    <bug>945050</bug>
+    <bug>948113</bug>
+    <access>remote</access>
+    <affected>
+        <package name="www-client/firefox" auto="yes" arch="*">
+            <unaffected range="ge" slot="rapid">134.0</unaffected>
+            <unaffected range="ge" slot="esr">128.6.0</unaffected>
+            <vulnerable range="lt" slot="rapid">134.0</vulnerable>
+            <vulnerable range="lt" slot="esr">128.6.0</vulnerable>
+        </package>
+        <package name="www-client/firefox-bin" auto="yes" arch="*">
+            <unaffected range="ge" slot="rapid">134.0</unaffected>
+            <unaffected range="ge" slot="esr">128.6.0</unaffected>
+            <vulnerable range="lt" slot="rapid">134.0</vulnerable>
+            <vulnerable range="lt" slot="esr">128.6.0</vulnerable>
+        </package>
+    </affected>
+    <background>
+        <p>Mozilla Firefox is a popular open-source web browser from the Mozilla project.</p>
+    </background>
+    <description>
+        <p>Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details.</p>
+    </description>
+    <impact type="high">
+        <p>Please review the referenced CVE identifiers for details.</p>
+    </impact>
+    <workaround>
+        <p>There is no known workaround at this time.</p>
+    </workaround>
+    <resolution>
+        <p>All Mozilla Firefox users should upgrade to the latest version in their release channel:</p>
+        
+        <code>
+          # emerge --sync
+          # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-134.0:rapid"
+          # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-128.6.0:esr"
+        </code>
+        
+        <p>All Mozilla Firefox users should upgrade to the latest version:</p>
+        
+        <code>
+          # emerge --sync
+          # emerge --ask --oneshot --verbose ">=www-client/firefox-134.0:rapid"
+          # emerge --ask --oneshot --verbose ">=www-client/firefox-128.6.0:esr"
+        </code>
+    </resolution>
+    <references>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-10458">CVE-2024-10458</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-10459">CVE-2024-10459</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-10460">CVE-2024-10460</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-10461">CVE-2024-10461</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-10462">CVE-2024-10462</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-10463">CVE-2024-10463</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-10464">CVE-2024-10464</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-10465">CVE-2024-10465</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-10466">CVE-2024-10466</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-10467">CVE-2024-10467</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-10468">CVE-2024-10468</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11692">CVE-2024-11692</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11694">CVE-2024-11694</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11695">CVE-2024-11695</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11696">CVE-2024-11696</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11697">CVE-2024-11697</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11699">CVE-2024-11699</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11700">CVE-2024-11700</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11701">CVE-2024-11701</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11704">CVE-2024-11704</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11705">CVE-2024-11705</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11706">CVE-2024-11706</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11708">CVE-2024-11708</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-0237">CVE-2025-0237</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-0238">CVE-2025-0238</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-0239">CVE-2025-0239</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-0240">CVE-2025-0240</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-0241">CVE-2025-0241</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-0242">CVE-2025-0242</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-0243">CVE-2025-0243</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-0247">CVE-2025-0247</uri>
+        <uri>MFSA2024-55</uri>
+        <uri>MFSA2024-56</uri>
+        <uri>MFSA2024-57</uri>
+        <uri>MFSA2024-58</uri>
+        <uri>MFSA2024-59</uri>
+        <uri>MFSA2024-63</uri>
+        <uri>MFSA2024-64</uri>
+        <uri>MFSA2024-65</uri>
+        <uri>MFSA2024-67</uri>
+        <uri>MFSA2024-68</uri>
+        <uri>MFSA2025-01</uri>
+        <uri>MFSA2025-02</uri>
+        <uri>MFSA2025-05</uri>
+    </references>
+    <metadata tag="requester" timestamp="2025-01-23T07:24:25.583285Z">graaff</metadata>
+    <metadata tag="submitter" timestamp="2025-01-23T07:24:25.586463Z">graaff</metadata>
+</glsa>
\ No newline at end of file
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-11.xml
new file mode 100644
index 0000000000..4222591dfb
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202501-11.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="202501-11">
+    <title>PHP: Multiple Vulnerabilities</title>
+    <synopsis>Multiple vulnerabilities have been discovered in PHP, the worst of which could lead to arbitrary code execution.</synopsis>
+    <product type="ebuild">php</product>
+    <announced>2025-01-23</announced>
+    <revised count="1">2025-01-23</revised>
+    <bug>941598</bug>
+    <access>remote</access>
+    <affected>
+        <package name="dev-lang/php" auto="yes" arch="*">
+            <unaffected range="ge" slot="8.2">8.2.24</unaffected>
+            <unaffected range="ge" slot="8.3">8.3.12</unaffected>
+            <vulnerable range="lt" slot="8.2">8.2.24</vulnerable>
+            <vulnerable range="lt" slot="8.3">8.3.12</vulnerable>
+            <vulnerable range="lt" slot="8.1">8.1.30</vulnerable>
+        </package>
+    </affected>
+    <background>
+        <p>PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML.</p>
+    </background>
+    <description>
+        <p>Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details.</p>
+    </description>
+    <impact type="high">
+        <p>Please review the referenced CVE identifiers for details.</p>
+    </impact>
+    <workaround>
+        <p>There is no known workaround at this time.</p>
+    </workaround>
+    <resolution>
+        <p>All PHP users should upgrade to the latest version:</p>
+        
+        <code>
+          # emerge --sync
+          # emerge --ask --oneshot --verbose ">=dev-lang/php-8.2.24:8.2"
+          # emerge --ask --oneshot --verbose ">=dev-lang/php-8.3.12:8.3"
+        </code>
+        
+        <p>Gentoo has discontinued support for php 8.1:</p>
+        
+        <code>
+          # emerge --ask --verbose --depclean "dev-lang/php:8.1"
+        </code>
+    </resolution>
+    <references>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-8925">CVE-2024-8925</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-8927">CVE-2024-8927</uri>
+        <uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-9026">CVE-2024-9026</uri>
+    </references>
+    <metadata tag="requester" timestamp="2025-01-23T07:26:35.892309Z">graaff</metadata>
+    <metadata tag="submitter" timestamp="2025-01-23T07:26:35.894806Z">graaff</metadata>
+</glsa>
\ No newline at end of file
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk
index 9828bb002c..7d88d3be12 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Wed, 01 Jan 2025 06:40:39 +0000
+Sat, 01 Feb 2025 06:42:03 +0000
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit
index 9f09f9ad7d..9342cfcc57 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit
@@ -1 +1 @@
-75999cf3645e45cf60bdeaf1621c235c071cf08b 1734174153 2024-12-14T11:02:33Z
+681de9cd0cd49ec8f318f71af0c5917f69f302d8 1737617238 2025-01-23T07:27:18Z