mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-19 05:21:23 +02:00
Code Issues Packages Projects Releases Wiki Activity

bump(metadata/glsa): sync with upstream

Browse Source
This commit is contained in:
David Michael 2017-09-29 11:29:43 -07:00
parent 95f054aadb
commit 89cb118391
2529 changed files with 26180 additions and 26432 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200310-03.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200310-03"> <glsa id="200310-03">
<title>Apache: multiple buffer overflows</title> <title>Apache: multiple buffer overflows</title>
<synopsis> <synopsis>
@ -9,7 +8,7 @@
</synopsis> </synopsis>
<product type="ebuild">Apache</product> <product type="ebuild">Apache</product>
<announced>2003-10-28</announced> <announced>2003-10-28</announced>
<revised>December 30, 2007: 02</revised> <revised>2007-12-30: 02</revised>
<bug>32194</bug> <bug>32194</bug>
<access>local</access> <access>local</access>
<affected> <affected>
@ -57,6 +56,6 @@
# /etc/init.d/apache restart</code> # /etc/init.d/apache restart</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542">CAN-2003-0542 (under review at time of GLSA)</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542">CAN-2003-0542 (under review at time of GLSA)</uri>
</references> </references>
</glsa> </glsa>

7
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200310-04.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200310-04"> <glsa id="200310-04">
<title>Apache: buffer overflows and a possible information disclosure</title> <title>Apache: buffer overflows and a possible information disclosure</title>
<synopsis> <synopsis>
@ -11,7 +10,7 @@
</synopsis> </synopsis>
<product type="ebuild">Apache</product> <product type="ebuild">Apache</product>
<announced>2003-10-31</announced> <announced>2003-10-31</announced>
<revised>December 30, 2007: 02</revised> <revised>2007-12-30: 02</revised>
<bug>32271</bug> <bug>32271</bug>
<access>local</access> <access>local</access>
<affected> <affected>
@ -65,7 +64,7 @@
</p> </p>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0789">CAN-2003-0789</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0789">CAN-2003-0789</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542">CAN-2003-0542</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542">CAN-2003-0542</uri>
</references> </references>
</glsa> </glsa>

7
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200311-01.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200311-01"> <glsa id="200311-01">
<title>kdebase: KDM vulnerabilities</title> <title>kdebase: KDM vulnerabilities</title>
<synopsis> <synopsis>
@ -58,8 +57,8 @@
# emerge clean</code> # emerge clean</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0690">CAN-2003-0690</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0690">CAN-2003-0690</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0692">CAN-2003-0692</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0692">CAN-2003-0692</uri>
<uri link="http://www.kde.org/info/security/advisory-20030916-1.txt">KDE Security Advisory</uri> <uri link="https://www.kde.org/info/security/advisory-20030916-1.txt">KDE Security Advisory</uri>
</references> </references>
</glsa> </glsa>

3
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200311-02.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200311-02"> <glsa id="200311-02">
<title>Opera: buffer overflows in 7.11 and 7.20</title> <title>Opera: buffer overflows in 7.11 and 7.20</title>
<synopsis> <synopsis>
@ -58,7 +57,7 @@
# emerge clean</code> # emerge clean</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0870">CAN-2003-0870</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0870">CAN-2003-0870</uri>
<uri link="http://www.atstake.com/research/advisories/2003/a102003-1.txt">@stake Security Advisory</uri> <uri link="http://www.atstake.com/research/advisories/2003/a102003-1.txt">@stake Security Advisory</uri>
</references> </references>
</glsa> </glsa>

3
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200311-03.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200311-03"> <glsa id="200311-03">
<title>HylaFAX: Remote code exploit in hylafax</title> <title>HylaFAX: Remote code exploit in hylafax</title>
<synopsis> <synopsis>
@ -54,7 +53,7 @@
# emerge clean</code> # emerge clean</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0886">CAN-2003-0886</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0886">CAN-2003-0886</uri>
<uri link="http://www.novell.com/linux/security/advisories/2003_045_hylafax.html">SuSE Security Announcment</uri> <uri link="http://www.novell.com/linux/security/advisories/2003_045_hylafax.html">SuSE Security Announcment</uri>
</references> </references>
</glsa> </glsa>

1
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200311-04.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200311-04"> <glsa id="200311-04">
<title>FreeRADIUS: heap exploit and NULL pointer dereference vulnerability</title> <title>FreeRADIUS: heap exploit and NULL pointer dereference vulnerability</title>
<synopsis> <synopsis>

1
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200311-05.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200311-05"> <glsa id="200311-05">
<title>Ethereal: security problems in ethereal 0.9.15</title> <title>Ethereal: security problems in ethereal 0.9.15</title>
<synopsis> <synopsis>

3
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200311-06.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200311-06"> <glsa id="200311-06">
<title>glibc: getgrouplist buffer overflow vulnerability</title> <title>glibc: getgrouplist buffer overflow vulnerability</title>
<synopsis> <synopsis>
@ -53,6 +52,6 @@
# emerge clean</code> # emerge clean</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0689">CAN-2003-0689</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0689">CAN-2003-0689</uri>
</references> </references>
</glsa> </glsa>

5
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200311-07.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200311-07"> <glsa id="200311-07">
<title>phpSysInfo: arbitrary code execution and directory traversal</title> <title>phpSysInfo: arbitrary code execution and directory traversal</title>
<synopsis> <synopsis>
@ -9,7 +8,7 @@
</synopsis> </synopsis>
<product type="ebuild">phpSysInfo</product> <product type="ebuild">phpSysInfo</product>
<announced>2003-11-22</announced> <announced>2003-11-22</announced>
<revised>December 30, 2007: 02</revised> <revised>2007-12-30: 02</revised>
<bug>26782</bug> <bug>26782</bug>
<access>local</access> <access>local</access>
<affected> <affected>
@ -53,6 +52,6 @@
# emerge clean</code> # emerge clean</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0536">CAN-2003-0536</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0536">CAN-2003-0536</uri>
</references> </references>
</glsa> </glsa>

3
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200311-08.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200311-08"> <glsa id="200311-08">
<title>Libnids: remote code execution vulnerability</title> <title>Libnids: remote code execution vulnerability</title>
<synopsis> <synopsis>
@ -50,6 +49,6 @@
# emerge clean</code> # emerge clean</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0850">CAN-2003-0850</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0850">CAN-2003-0850</uri>
</references> </references>
</glsa> </glsa>

1
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200312-01.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200312-01"> <glsa id="200312-01">
<title>rsync.gentoo.org: rotation server compromised</title> <title>rsync.gentoo.org: rotation server compromised</title>
<synopsis> <synopsis>

9
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200312-03.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200312-03"> <glsa id="200312-03">
<title>rsync: exploitable heap overflow</title> <title>rsync: exploitable heap overflow</title>
<synopsis> <synopsis>
@ -67,9 +66,9 @@
# /etc/init.d/rsyncd restart</code> # /etc/init.d/rsyncd restart</code>
</resolution> </resolution>
<references> <references>
<uri link="http://rsync.samba.org/#security_dec03">Rsync Security Advisory</uri> <uri link="https://rsync.samba.org/#security_dec03">Rsync Security Advisory</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0962">CAN-2003-0962</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0962">CAN-2003-0962</uri>
<uri link="http://security.gentoo.org/glsa/glsa-200312-02.xml">GLSA-200312-02</uri> <uri link="https://security.gentoo.org/glsa/glsa-200312-02.xml">GLSA-200312-02</uri>
<uri link="http://security.gentoo.org/glsa/glsa-200312-01.xml">GLSA-200312-01</uri> <uri link="https://security.gentoo.org/glsa/glsa-200312-01.xml">GLSA-200312-01</uri>
</references> </references>
</glsa> </glsa>

3
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200312-04.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200312-04"> <glsa id="200312-04">
<title>CVS: malformed module request vulnerability</title> <title>CVS: malformed module request vulnerability</title>
<synopsis> <synopsis>
@ -61,6 +60,6 @@
# emerge clean</code> # emerge clean</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0977">CAN-2003-0977</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0977">CAN-2003-0977</uri>
</references> </references>
</glsa> </glsa>

3
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200312-05.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200312-05"> <glsa id="200312-05">
<title>GnuPG: ElGamal signing keys compromised and format string vulnerability</title> <title>GnuPG: ElGamal signing keys compromised and format string vulnerability</title>
<synopsis> <synopsis>
@ -65,7 +64,7 @@
# emerge clean</code> # emerge clean</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0971">CAN-2003-0971</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0971">CAN-2003-0971</uri>
<uri link="http://marc.theaimsgroup.com/?l=gnupg-announce&amp;m=106992378510843&amp;q=raw">GnuPG Announcement</uri> <uri link="http://marc.theaimsgroup.com/?l=gnupg-announce&amp;m=106992378510843&amp;q=raw">GnuPG Announcement</uri>
<uri link="http://www.s-quadra.com/advisories/Adv-20031203.txt">S-Quadra Advisory</uri> <uri link="http://www.s-quadra.com/advisories/Adv-20031203.txt">S-Quadra Advisory</uri>
</references> </references>

3
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200312-06.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200312-06"> <glsa id="200312-06">
<title>XChat: malformed dcc send request denial of service</title> <title>XChat: malformed dcc send request denial of service</title>
<synopsis> <synopsis>
@ -59,6 +58,6 @@
</p> </p>
</resolution> </resolution>
<references> <references>
<uri link="http://mail.nl.linux.org/xchat-announce/2003-12/msg00000.html">XChat Announcement</uri> <uri link="https://mail.nl.linux.org/xchat-announce/2003-12/msg00000.html">XChat Announcement</uri>
</references> </references>
</glsa> </glsa>

9
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200312-07.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200312-07"> <glsa id="200312-07">
<title>Two buffer overflows in lftp</title> <title>Two buffer overflows in lftp</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
a malicious ftp server, could lead to malicious code being executed. a malicious ftp server, could lead to malicious code being executed.
</synopsis> </synopsis>
<product type="ebuild">lftp</product> <product type="ebuild">lftp</product>
<announced>December 13, 2003</announced> <announced>2003-12-13</announced>
<revised>200312-07: 2</revised> <revised>2003-12-07: 2</revised>
<bug>35866</bug> <bug>35866</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -64,8 +63,8 @@
</p> </p>
<code> <code>
# emerge sync # emerge sync
# emerge -pv '>=net-ftp/lftp-2.6.10' # emerge -pv '&gt;=net-ftp/lftp-2.6.10'
# emerge '>=net-ftp/lftp-2.6.10' # emerge '&gt;=net-ftp/lftp-2.6.10'
# emerge clean</code> # emerge clean</code>
</resolution> </resolution>
<references> <references>

1
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200312-08.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200312-08"> <glsa id="200312-08">
<title>CVS: possible root compromise when using CVS pserver</title> <title>CVS: possible root compromise when using CVS pserver</title>
<synopsis> <synopsis>

21
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200401-01.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200401-01"> <glsa id="200401-01">
<title>Linux kernel do_mremap() local privilege escalation vulnerability</title> <title>Linux kernel do_mremap() local privilege escalation vulnerability</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
which allows for local privelege escalation. which allows for local privelege escalation.
</synopsis> </synopsis>
<product type="ebuild">Kernel</product> <product type="ebuild">Kernel</product>
<announced>January 08, 2004</announced> <announced>2004-01-08</announced>
<revised>January 08, 2004: 01</revised> <revised>2004-01-08: 01</revised>
<bug>37292</bug> <bug>37292</bug>
<access>local</access> <access>local</access>
<affected> <affected>
@ -212,15 +211,15 @@
their system: their system:
</p> </p>
<code> <code>
$> emerge sync $&gt; emerge sync
$> emerge -pv your-favourite-sources $&gt; emerge -pv your-favourite-sources
$> emerge your-favourite-sources $&gt; emerge your-favourite-sources
$> # Follow usual procedure for compiling and installing a kernel. $&gt; # Follow usual procedure for compiling and installing a kernel.
$> # If you use genkernel, run genkernel as you would do normally. $&gt; # If you use genkernel, run genkernel as you would do normally.
$> # IF YOUR KERNEL IS MARKED as "remerge required!" THEN $&gt; # IF YOUR KERNEL IS MARKED as "remerge required!" THEN
$> # YOU SHOULD UPDATE YOUR KERNEL EVEN IF PORTAGE $&gt; # YOU SHOULD UPDATE YOUR KERNEL EVEN IF PORTAGE
$> # REPORTS THAT THE SAME VERSION IS INSTALLED.</code> $&gt; # REPORTS THAT THE SAME VERSION IS INSTALLED.</code>
</resolution> </resolution>
<references> <references>
<uri link="http://isec.pl/vulnerabilities/isec-0012-mremap.txt">Vulnerability</uri> <uri link="http://isec.pl/vulnerabilities/isec-0012-mremap.txt">Vulnerability</uri>

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200401-02.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200401-02"> <glsa id="200401-02">
<title>Honeyd remote detection vulnerability via a probe packet</title> <title>Honeyd remote detection vulnerability via a probe packet</title>
<synopsis> <synopsis>
@ -9,8 +8,8 @@
known. known.
</synopsis> </synopsis>
<product type="ebuild">honeyd</product> <product type="ebuild">honeyd</product>
<announced>January 21, 2004</announced> <announced>2004-01-21</announced>
<revised>January 21, 2004: 01</revised> <revised>2004-01-21: 01</revised>
<bug>38934</bug> <bug>38934</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -51,9 +50,9 @@
All users are recommended to update to honeyd version 0.8: All users are recommended to update to honeyd version 0.8:
</p> </p>
<code> <code>
$> emerge sync $&gt; emerge sync
$> emerge -pv ">=net-analyzer/honeyd-0.8" $&gt; emerge -pv "&gt;=net-analyzer/honeyd-0.8"
$> emerge ">=net-analyzer/honeyd-0.8"</code> $&gt; emerge "&gt;=net-analyzer/honeyd-0.8"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.honeyd.org/adv.2004-01.asc">Honeyd Security Advisory 2004-001</uri> <uri link="http://www.honeyd.org/adv.2004-01.asc">Honeyd Security Advisory 2004-001</uri>

15
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200401-03.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200401-03"> <glsa id="200401-03">
<title>Apache mod_python Denial of Service vulnerability</title> <title>Apache mod_python Denial of Service vulnerability</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
malformed query string was sent. malformed query string was sent.
</synopsis> </synopsis>
<product type="ebuild">mod_python</product> <product type="ebuild">mod_python</product>
<announced>January 27, 2004</announced> <announced>2004-01-27</announced>
<revised>December 30, 2007: 02</revised> <revised>2007-12-30: 02</revised>
<bug>39154</bug> <bug>39154</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -56,12 +55,12 @@
update their mod_python installation: update their mod_python installation:
</p> </p>
<code> <code>
$> emerge sync $&gt; emerge sync
$> emerge -pv ">=www-apache/mod_python-2.7.10" $&gt; emerge -pv "&gt;=www-apache/mod_python-2.7.10"
$> emerge ">=www-apache/mod_python-2.7.10" $&gt; emerge "&gt;=www-apache/mod_python-2.7.10"
$> /etc/init.d/apache restart</code> $&gt; /etc/init.d/apache restart</code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.modpython.org/pipermail/mod_python/2004-January/014879.html">Mod_python 2.7.10 release announcement</uri> <uri link="https://www.modpython.org/pipermail/mod_python/2004-January/014879.html">Mod_python 2.7.10 release announcement</uri>
</references> </references>
</glsa> </glsa>

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200401-04.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200401-04"> <glsa id="200401-04">
<title>GAIM 0.75 Remote overflows</title> <title>GAIM 0.75 Remote overflows</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
GAIM that could lead to a remote compromise of the IM client. GAIM that could lead to a remote compromise of the IM client.
</synopsis> </synopsis>
<product type="ebuild">GAIM</product> <product type="ebuild">GAIM</product>
<announced>January 26, 2004</announced> <announced>2004-01-26</announced>
<revised>January 26, 2004: 01</revised> <revised>2004-01-26: 01</revised>
<bug>39470</bug> <bug>39470</bug>
<access>man-in-the-middle</access> <access>man-in-the-middle</access>
<affected> <affected>
@ -68,9 +67,9 @@
All users are recommended to upgrade GAIM to 0.75-r7. All users are recommended to upgrade GAIM to 0.75-r7.
</p> </p>
<code> <code>
$> emerge sync $&gt; emerge sync
$> emerge -pv ">=net-im/gaim-0.75-r7" $&gt; emerge -pv "&gt;=net-im/gaim-0.75-r7"
$> emerge ">=net-im/gaim-0.75-r7"</code> $&gt; emerge "&gt;=net-im/gaim-0.75-r7"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.securityfocus.com/archive/1/351235/2004-01-23/2004-01-29/0">Security advisory from Stefan Esser</uri> <uri link="http://www.securityfocus.com/archive/1/351235/2004-01-23/2004-01-29/0">Security advisory from Stefan Esser</uri>

25
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200402-01.xml vendored
View File

@ -1,19 +1,18 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200402-01"> <glsa id="200402-01">
<title>PHP setting leaks from .htaccess files on virtual hosts</title> <title>PHP setting leaks from .htaccess files on virtual hosts</title>
<synopsis> <synopsis>
If the server configuration &quot;php.ini&quot; file has If the server configuration "php.ini" file has
&quot;register_globals = on&quot; and a request is made to one virtual host "register_globals = on" and a request is made to one virtual host
(which has &quot;php_admin_flag register_globals off&quot;) and the next (which has "php_admin_flag register_globals off") and the next
request is sent to the another virtual host (which does not have the request is sent to the another virtual host (which does not have the
setting) global variables may leak and may be used to exploit the setting) global variables may leak and may be used to exploit the
site. site.
</synopsis> </synopsis>
<product type="ebuild">PHP</product> <product type="ebuild">PHP</product>
<announced>February 07, 2004</announced> <announced>2004-02-07</announced>
<revised>February 07, 2004: 01</revised> <revised>2004-02-07: 01</revised>
<bug>39952</bug> <bug>39952</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -30,9 +29,9 @@
</background> </background>
<description> <description>
<p> <p>
If the server configuration &quot;php.ini&quot; file has If the server configuration "php.ini" file has
&quot;register_globals = on&quot; and a request is made to one virtual host "register_globals = on" and a request is made to one virtual host
(which has &quot;php_admin_flag register_globals off&quot;) and the next (which has "php_admin_flag register_globals off") and the next
request is sent to the another virtual host (which does not have the request is sent to the another virtual host (which does not have the
setting) through the same apache child, the setting will persist. setting) through the same apache child, the setting will persist.
</p> </p>
@ -45,7 +44,7 @@
result, users are urged to upgrade their PHP installations. result, users are urged to upgrade their PHP installations.
</p> </p>
<p> <p>
Gentoo ships PHP with &quot;register_globals&quot; set to &quot;off&quot; Gentoo ships PHP with "register_globals" set to "off"
by default. by default.
</p> </p>
<p> <p>
@ -64,10 +63,10 @@
</p> </p>
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=dev-php/mod_php-4.3.4-r4" # emerge -pv "&gt;=dev-php/mod_php-4.3.4-r4"
# emerge ">=dev-php/mod_php-4.3.4-r4"</code> # emerge "&gt;=dev-php/mod_php-4.3.4-r4"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://bugs.php.net/bug.php?id=25753">Corresponding PHP bug</uri> <uri link="https://bugs.php.net/bug.php?id=25753">Corresponding PHP bug</uri>
</references> </references>
</glsa> </glsa>

12
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200402-02.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200402-02"> <glsa id="200402-02">
<title>XFree86 Font Information File Buffer Overflow</title> <title>XFree86 Font Information File Buffer Overflow</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
Window System allows local attackers to gain root privileges. Window System allows local attackers to gain root privileges.
</synopsis> </synopsis>
<product type="ebuild">200402-02</product> <product type="ebuild">200402-02</product>
<announced>February 11, 2004</announced> <announced>2004-02-11</announced>
<revised>February 11, 2004: 01</revised> <revised>2004-02-11: 01</revised>
<access>local</access> <access>local</access>
<affected> <affected>
<package name="x11-base/xfree" auto="yes" arch="*"> <package name="x11-base/xfree" auto="yes" arch="*">
@ -44,11 +43,11 @@
To reproduce the overflow on the command line one can run: To reproduce the overflow on the command line one can run:
</p> </p>
<code> <code>
# cat > fonts.dir &lt;&lt;EOF # cat &gt; fonts.dir &lt;&lt;EOF
1 1
word.bdf -misc-fixed-medium-r-semicondensed--13-120-75-75-c-60-iso8859-1 word.bdf -misc-fixed-medium-r-semicondensed--13-120-75-75-c-60-iso8859-1
EOF EOF
# perl -e 'print "0" x 1024 . "A" x 96 . "\n"' > fonts.alias # perl -e 'print "0" x 1024 . "A" x 96 . "\n"' &gt; fonts.alias
# X :0 -fp $PWD</code> # X :0 -fp $PWD</code>
<p> <p>
{Some output removed}... Server aborting... Segmentation fault (core dumped) {Some output removed}... Server aborting... Segmentation fault (core dumped)
@ -84,8 +83,7 @@
# emerge x11-base/xfree</code> # emerge x11-base/xfree</code>
</resolution> </resolution>
<references> <references>
<uri <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0083">CVE: CAN-2004-0083</uri>
link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0083">CVE: CAN-2004-0083</uri>
<uri link="http://www.idefense.com/application/poi/display?id=72&amp;type=vulnerabilities">Vulnerability: <uri link="http://www.idefense.com/application/poi/display?id=72&amp;type=vulnerabilities">Vulnerability:
XFree86 Font Information File Buffer Overflow</uri> XFree86 Font Information File Buffer Overflow</uri>
</references> </references>

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200402-03.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200402-03"> <glsa id="200402-03">
<title>Monkeyd Denial of Service vulnerability</title> <title>Monkeyd Denial of Service vulnerability</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
launched against the webserver. launched against the webserver.
</synopsis> </synopsis>
<product type="ebuild">monkeyd</product> <product type="ebuild">monkeyd</product>
<announced>February 11, 2004</announced> <announced>2004-02-11</announced>
<revised>February 11, 2004: 01</revised> <revised>2004-02-11: 01</revised>
<bug>41156</bug> <bug>41156</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -50,10 +49,10 @@
</p> </p>
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=www-servers/monkeyd-0.8.2" # emerge -pv "&gt;=www-servers/monkeyd-0.8.2"
# emerge ">=www-servers/monkeyd-0.8.2"</code> # emerge "&gt;=www-servers/monkeyd-0.8.2"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cvs.sourceforge.net/viewcvs.py/monkeyd/monkeyd/src/utils.c?r1=1.3&amp;r2=1.4">CVS Patch</uri> <uri link="https://cvs.sourceforge.net/viewcvs.py/monkeyd/monkeyd/src/utils.c?r1=1.3&amp;r2=1.4">CVS Patch</uri>
</references> </references>
</glsa> </glsa>

9
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200402-04.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200402-04"> <glsa id="200402-04">
<title>Gallery 1.4.1 and below remote exploit vulnerability</title> <title>Gallery 1.4.1 and below remote exploit vulnerability</title>
<synopsis> <synopsis>
@ -9,8 +8,8 @@
remote exploit of your webserver. remote exploit of your webserver.
</synopsis> </synopsis>
<product type="ebuild">Gallery</product> <product type="ebuild">Gallery</product>
<announced>February 11, 2004</announced> <announced>2004-02-11</announced>
<revised>February 11, 2004: 01</revised> <revised>2004-02-11: 01</revised>
<bug>39638</bug> <bug>39638</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -57,8 +56,8 @@
</p> </p>
<code> <code>
# emerge sync # emerge sync
# emerge -p ">=www-apps/gallery-1.4.1_p1" # emerge -p "&gt;=www-apps/gallery-1.4.1_p1"
# emerge ">=www-apps/gallery-1.4.1_p1"</code> # emerge "&gt;=www-apps/gallery-1.4.1_p1"</code>
</resolution> </resolution>
<references> <references>
</references> </references>

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200402-05.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200402-05"> <glsa id="200402-05">
<title>phpMyAdmin &lt; 2.5.6-rc1: possible attack against export.php</title> <title>phpMyAdmin &lt; 2.5.6-rc1: possible attack against export.php</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
generated input could lead to a directory traversal attack. generated input could lead to a directory traversal attack.
</synopsis> </synopsis>
<product type="ebuild">phpmyadmin</product> <product type="ebuild">phpmyadmin</product>
<announced>February 17, 2004</announced> <announced>2004-02-17</announced>
<revised>February 17, 2004: 01</revised> <revised>2004-02-17: 01</revised>
<bug>40268</bug> <bug>40268</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -55,11 +54,11 @@
</p> </p>
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=dev-db/phpmyadmin-2.5.6_rc1" # emerge -pv "&gt;=dev-db/phpmyadmin-2.5.6_rc1"
# emerge ">=dev-db/phpmyadmin-2.5.6_rc1" # emerge "&gt;=dev-db/phpmyadmin-2.5.6_rc1"
# emerge clean</code> # emerge clean</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cvs.sourceforge.net/viewcvs.py/phpmyadmin/phpMyAdmin/export.php?r1=2.3&amp;r2=2.3.2.1">CVS Patch</uri> <uri link="https://cvs.sourceforge.net/viewcvs.py/phpmyadmin/phpMyAdmin/export.php?r1=2.3&amp;r2=2.3.2.1">CVS Patch</uri>
</references> </references>
</glsa> </glsa>

5
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200402-06.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200402-06"> <glsa id="200402-06">
<title>Updated kernel packages fix the AMD64 ptrace vulnerability</title> <title>Updated kernel packages fix the AMD64 ptrace vulnerability</title>
<synopsis> <synopsis>
@ -9,8 +8,8 @@
elevated priveleges. elevated priveleges.
</synopsis> </synopsis>
<product type="ebuild">Kernel</product> <product type="ebuild">Kernel</product>
<announced>February 17, 2004</announced> <announced>2004-02-17</announced>
<revised>February 17, 2004: 01</revised> <revised>2004-02-17: 01</revised>
<access>local</access> <access>local</access>
<affected> <affected>
<package name="sys-kernel/ck-sources" auto="yes" arch="amd64"> <package name="sys-kernel/ck-sources" auto="yes" arch="amd64">

9
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200402-07.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200402-07"> <glsa id="200402-07">
<title>Clam Antivirus DoS vulnerability</title> <title>Clam Antivirus DoS vulnerability</title>
<synopsis> <synopsis>
@ -9,8 +8,8 @@
programs that rely on the clamav daemon, such as SMTP daemons. programs that rely on the clamav daemon, such as SMTP daemons.
</synopsis> </synopsis>
<product type="ebuild">clamav</product> <product type="ebuild">clamav</product>
<announced>February 17, 2004</announced> <announced>2004-02-17</announced>
<revised>February 17, 2004: 01</revised> <revised>2004-02-17: 01</revised>
<bug>41248</bug> <bug>41248</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -58,8 +57,8 @@
</p> </p>
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=app-antivirus/clamav-0.6.7" # emerge -pv "&gt;=app-antivirus/clamav-0.6.7"
# emerge ">=app-antivirus/clamav-0.6.7"</code> # emerge "&gt;=app-antivirus/clamav-0.6.7"</code>
</resolution> </resolution>
<references> <references>
</references> </references>

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200403-01.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200403-01"> <glsa id="200403-01">
<title>Libxml2 URI Parsing Buffer Overflow Vulnerabilities</title> <title>Libxml2 URI Parsing Buffer Overflow Vulnerabilities</title>
<synopsis> <synopsis>
@ -9,8 +8,8 @@
arbitrary code. arbitrary code.
</synopsis> </synopsis>
<product type="ebuild">libxml</product> <product type="ebuild">libxml</product>
<announced>March 05, 2004</announced> <announced>2004-03-05</announced>
<revised>March 05, 2004: 01</revised> <revised>2004-03-05: 01</revised>
<bug>42735</bug> <bug>42735</bug>
<access>local and remote combination</access> <access>local and remote combination</access>
<affected> <affected>
@ -44,10 +43,10 @@
</p> </p>
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=dev-libs/libxml2-2.6.6" # emerge -pv "&gt;=dev-libs/libxml2-2.6.6"
# emerge ">=dev-libs/libxml2-2.6.6"</code> # emerge "&gt;=dev-libs/libxml2-2.6.6"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0110">CVE 2004-0110</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0110">CVE 2004-0110</uri>
</references> </references>
</glsa> </glsa>

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200403-02.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200403-02"> <glsa id="200403-02">
<title>Linux kernel do_mremap local privilege escalation vulnerability</title> <title>Linux kernel do_mremap local privilege escalation vulnerability</title>
<synopsis> <synopsis>
@ -9,8 +8,8 @@
escalations. escalations.
</synopsis> </synopsis>
<product type="ebuild">Kernel</product> <product type="ebuild">Kernel</product>
<announced>March 05, 2004</announced> <announced>2004-03-05</announced>
<revised>May 22, 2006: 03</revised> <revised>2006-05-22: 03</revised>
<bug>42024</bug> <bug>42024</bug>
<access>local</access> <access>local</access>
<affected> <affected>
@ -228,15 +227,15 @@
# # Follow usual procedure for compiling and installing a kernel. # # Follow usual procedure for compiling and installing a kernel.
# # If you use genkernel, run genkernel as you would do normally. # # If you use genkernel, run genkernel as you would do normally.
# # IF YOUR KERNEL IS MARKED as &quot;remerge required!&quot; THEN # # IF YOUR KERNEL IS MARKED as "remerge required!" THEN
# # YOU SHOULD UPDATE YOUR KERNEL EVEN IF PORTAGE # # YOU SHOULD UPDATE YOUR KERNEL EVEN IF PORTAGE
# # REPORTS THAT THE SAME VERSION IS INSTALLED.</code> # # REPORTS THAT THE SAME VERSION IS INSTALLED.</code>
</resolution> </resolution>
<references> <references>
<uri link="http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt">Advisory released by iSEC</uri> <uri link="http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt">Advisory released by iSEC</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0077">CVE-2004-0077</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0077">CVE-2004-0077</uri>
</references> </references>
<metadata tag="submitter" timestamp="Sat, 2 Apr 2005 12:59:08 +0000"> <metadata tag="submitter" timestamp="2005-04-02T12:59:08Z">
koon koon
</metadata> </metadata>
</glsa> </glsa>

17
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200403-03.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200403-03"> <glsa id="200403-03">
<title>Multiple OpenSSL Vulnerabilities</title> <title>Multiple OpenSSL Vulnerabilities</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
suite for the TLS protocol developed by Codenomicon Ltd. suite for the TLS protocol developed by Codenomicon Ltd.
</synopsis> </synopsis>
<product type="ebuild">OpenSSL</product> <product type="ebuild">OpenSSL</product>
<announced>March 17, 2004</announced> <announced>2004-03-17</announced>
<revised>May 22, 2006: 02</revised> <revised>2006-05-22: 02</revised>
<bug>44941</bug> <bug>44941</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -77,15 +76,15 @@
</p> </p>
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=dev-libs/openssl-0.9.7d&quot; # emerge -pv "&gt;=dev-libs/openssl-0.9.7d"
# emerge &quot;&gt;=dev-libs/openssl-0.9.7d&quot;</code> # emerge "&gt;=dev-libs/openssl-0.9.7d"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0079">CVE-2004-0079</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0079">CVE-2004-0079</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0081">CVE-2004-0081</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0081">CVE-2004-0081</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0112">CVE-2004-0112</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0112">CVE-2004-0112</uri>
</references> </references>
<metadata tag="submitter" timestamp="Mon, 22 May 2006 05:54:03 +0000"> <metadata tag="submitter" timestamp="2006-05-22T05:54:03Z">
DerCorny DerCorny
</metadata> </metadata>
</glsa> </glsa>

15
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200403-04.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200403-04"> <glsa id="200403-04">
<title>Multiple security vulnerabilities in Apache 2</title> <title>Multiple security vulnerabilities in Apache 2</title>
<synopsis> <synopsis>
@ -11,8 +10,8 @@
mod_disk_cache module. mod_disk_cache module.
</synopsis> </synopsis>
<product type="ebuild">Apache</product> <product type="ebuild">Apache</product>
<announced>March 22, 2004</announced> <announced>2004-03-22</announced>
<revised>December 30, 2007: 03</revised> <revised>2007-12-30: 03</revised>
<bug>45206</bug> <bug>45206</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -79,8 +78,8 @@
</p> </p>
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=www-servers/apache-2.0.49&quot; # emerge -pv "&gt;=www-servers/apache-2.0.49"
# emerge &quot;&gt;=www-servers/apache-2.0.49&quot; # emerge "&gt;=www-servers/apache-2.0.49"
# ** IMPORTANT ** # ** IMPORTANT **
@ -102,10 +101,10 @@
</resolution> </resolution>
<references> <references>
<uri link="http://www.securityfocus.com/bid/9933/info/">Apache mod_disk_cache authentication storage weakness vulnerability</uri> <uri link="http://www.securityfocus.com/bid/9933/info/">Apache mod_disk_cache authentication storage weakness vulnerability</uri>
<uri link="http://www.apache.org/dist/httpd/Announcement2.html">Apache HTTP Server 2.0.49 Announcement</uri> <uri link="https://www.apache.org/dist/httpd/Announcement2.html">Apache HTTP Server 2.0.49 Announcement</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0113">CVE-2004-0113</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0113">CVE-2004-0113</uri>
</references> </references>
<metadata tag="submitter" timestamp="Mon, 22 May 2006 05:52:59 +0000"> <metadata tag="submitter" timestamp="2006-05-22T05:52:59Z">
DerCorny DerCorny
</metadata> </metadata>
</glsa> </glsa>

9
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200403-05.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200403-05"> <glsa id="200403-05">
<title>UUDeview MIME Buffer Overflow</title> <title>UUDeview MIME Buffer Overflow</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
extensions) may cause UUDeview to crash or execute arbitrary code. extensions) may cause UUDeview to crash or execute arbitrary code.
</synopsis> </synopsis>
<product type="ebuild">UUDeview</product> <product type="ebuild">UUDeview</product>
<announced>March 26, 2004</announced> <announced>2004-03-26</announced>
<revised>March 26, 2004: 01</revised> <revised>2004-03-26: 01</revised>
<bug>44859</bug> <bug>44859</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -57,8 +56,8 @@
</p> </p>
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=app-text/uudeview-0.5.20" # emerge -pv "&gt;=app-text/uudeview-0.5.20"
# emerge ">=app-text/uudeview-0.5.20" # emerge "&gt;=app-text/uudeview-0.5.20"
</code> </code>
</resolution> </resolution>
<references> <references>

15
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200403-06.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200403-06"> <glsa id="200403-06">
<title>Multiple remote buffer overflow vulnerabilities in Courier</title> <title>Multiple remote buffer overflow vulnerabilities in Courier</title>
<synopsis> <synopsis>
@ -9,8 +8,8 @@
allowing unauthorized access to a vulnerable system. allowing unauthorized access to a vulnerable system.
</synopsis> </synopsis>
<product type="ebuild">Courier</product> <product type="ebuild">Courier</product>
<announced>March 26, 2004</announced> <announced>2004-03-26</announced>
<revised>March 26, 2004: 01</revised> <revised>2004-03-26: 01</revised>
<bug>45584</bug> <bug>45584</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -56,17 +55,17 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=net-mail/courier-imap-3.0.0" # emerge -pv "&gt;=net-mail/courier-imap-3.0.0"
# emerge ">=net-mail/courier-imap-3.0.0" # emerge "&gt;=net-mail/courier-imap-3.0.0"
# ** Or; depending on your installation... ** # ** Or; depending on your installation... **
# emerge -pv ">=mail-mta/courier-0.45" # emerge -pv "&gt;=mail-mta/courier-0.45"
# emerge ">=mail-mta/courier-0.45" # emerge "&gt;=mail-mta/courier-0.45"
</code> </code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.securityfocus.com/bid/9845">Courier Multiple Remote Buffer Overflow Vulnerabilities</uri> <uri link="http://www.securityfocus.com/bid/9845">Courier Multiple Remote Buffer Overflow Vulnerabilities</uri>
<uri link="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0224">CAN-2004-0224</uri> <uri link="https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0224">CAN-2004-0224</uri>
</references> </references>
</glsa> </glsa>

19
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200403-07.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200403-07"> <glsa id="200403-07">
<title>Multiple remote overflows and vulnerabilities in Ethereal</title> <title>Multiple remote overflows and vulnerabilities in Ethereal</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
attacker to crash the program or run arbitrary code. attacker to crash the program or run arbitrary code.
</synopsis> </synopsis>
<product type="ebuild">ethereal</product> <product type="ebuild">ethereal</product>
<announced>March 28, 2004</announced> <announced>2004-03-28</announced>
<revised>March 28, 2004: 01</revised> <revised>2004-03-28: 01</revised>
<bug>45543</bug> <bug>45543</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -23,13 +22,13 @@
Quote from http://www.ethereal.com Quote from http://www.ethereal.com
</p> </p>
<p> <p>
&quot;Ethereal is used by network professionals around the world for "Ethereal is used by network professionals around the world for
troubleshooting, analysis, software and protocol development, and troubleshooting, analysis, software and protocol development, and
education. It has all of the standard features you would expect in a education. It has all of the standard features you would expect in a
protocol analyzer, and several features not seen in any other product. Its protocol analyzer, and several features not seen in any other product. Its
open source license allows talented experts in the networking community to open source license allows talented experts in the networking community to
add enhancements. It runs on all popular computing platforms, including add enhancements. It runs on all popular computing platforms, including
Unix, Linux, and Windows.&quot; Unix, Linux, and Windows."
</p> </p>
</background> </background>
<description> <description>
@ -60,13 +59,13 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=net-analyzer/ethereal-0.10.3" # emerge -pv "&gt;=net-analyzer/ethereal-0.10.3"
# emerge ">=net-analyzer/ethereal-0.10.3"</code> # emerge "&gt;=net-analyzer/ethereal-0.10.3"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.ethereal.com/appnotes/enpa-sa-00013.html">Multiple security problems in Ethereal 0.10.2</uri> <uri link="http://www.ethereal.com/appnotes/enpa-sa-00013.html">Multiple security problems in Ethereal 0.10.2</uri>
<uri link="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0176">CAN-2004-0176</uri> <uri link="https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0176">CAN-2004-0176</uri>
<uri link="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0365">CAN-2004-0365</uri> <uri link="https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0365">CAN-2004-0365</uri>
<uri link="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0367">CAN-2004-0367</uri> <uri link="https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0367">CAN-2004-0367</uri>
</references> </references>
</glsa> </glsa>

18
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200403-08.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200403-08"> <glsa id="200403-08">
<title>oftpd DoS vulnerability</title> <title>oftpd DoS vulnerability</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
crash the oftpd daemon. crash the oftpd daemon.
</synopsis> </synopsis>
<product type="ebuild">oftpd</product> <product type="ebuild">oftpd</product>
<announced>March 29, 2004</announced> <announced>2004-03-29</announced>
<revised>May 22, 2006: 02</revised> <revised>2006-05-22: 02</revised>
<bug>45738</bug> <bug>45738</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -20,8 +19,7 @@
</affected> </affected>
<background> <background>
<p> <p>
Quote from <uri Quote from <uri link="http://www.time-travellers.org/oftpd/">http://www.time-travellers
link="http://www.time-travellers.org/oftpd/">http://www.time-travellers
.org/oftpd/</uri> .org/oftpd/</uri>
</p> </p>
<p> <p>
@ -62,14 +60,14 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=net-ftp/oftpd-0.3.7&quot; # emerge -pv "&gt;=net-ftp/oftpd-0.3.7"
# emerge &quot;&gt;=net-ftp/oftpd-0.3.7&quot;</code> # emerge "&gt;=net-ftp/oftpd-0.3.7"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.time-travellers.org/oftpd/oftpd-dos.html">osftpd DoS Vulnerability</uri> <uri link="https://www.time-travellers.org/oftpd/oftpd-dos.html">osftpd DoS Vulnerability</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0376">CVE-2004-0376</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0376">CVE-2004-0376</uri>
</references> </references>
<metadata tag="submitter" timestamp="Mon, 22 May 2006 05:52:22 +0000"> <metadata tag="submitter" timestamp="2006-05-22T05:52:22Z">
DerCorny DerCorny
</metadata> </metadata>
</glsa> </glsa>

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200403-09.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200403-09"> <glsa id="200403-09">
<title>Buffer overflow in Midnight Commander</title> <title>Buffer overflow in Midnight Commander</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
arbitrary code to be run on a user's computer arbitrary code to be run on a user's computer
</synopsis> </synopsis>
<product type="ebuild">mc</product> <product type="ebuild">mc</product>
<announced>March 29, 2004</announced> <announced>2004-03-29</announced>
<revised>March 29, 2004: 01</revised> <revised>2004-03-29: 01</revised>
<bug>45957</bug> <bug>45957</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -48,10 +47,10 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=app-misc/mc-4.6.0-r5" # emerge -pv "&gt;=app-misc/mc-4.6.0-r5"
# emerge ">=app-misc/mc-4.6.0-r5"</code> # emerge "&gt;=app-misc/mc-4.6.0-r5"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1023">CAN-2003-1023</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1023">CAN-2003-1023</uri>
</references> </references>
</glsa> </glsa>

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200403-10.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200403-10"> <glsa id="200403-10">
<title>Fetchmail 6.2.5 fixes a remote DoS</title> <title>Fetchmail 6.2.5 fixes a remote DoS</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
specially-crafted email to a fetchmail user. specially-crafted email to a fetchmail user.
</synopsis> </synopsis>
<product type="ebuild">fetchmail</product> <product type="ebuild">fetchmail</product>
<announced>March 30, 2004</announced> <announced>2004-03-30</announced>
<revised>March 30, 2004: 01</revised> <revised>2004-03-30: 01</revised>
<bug>37717</bug> <bug>37717</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -49,11 +48,11 @@
</p> </p>
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=net-mail/fetchmail-6.2.5" # emerge -pv "&gt;=net-mail/fetchmail-6.2.5"
# emerge ">=net-mail/fetchmail-6.2.5"</code> # emerge "&gt;=net-mail/fetchmail-6.2.5"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://xforce.iss.net/xforce/xfdb/13450">ISS X-Force Listing</uri> <uri link="http://xforce.iss.net/xforce/xfdb/13450">ISS X-Force Listing</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0792">CVE Candidate (CAN-2003-0792)</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0792">CVE Candidate (CAN-2003-0792)</uri>
</references> </references>
</glsa> </glsa>

17
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200403-11.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200403-11"> <glsa id="200403-11">
<title>Squid ACL [url_regex] bypass vulnerability</title> <title>Squid ACL [url_regex] bypass vulnerability</title>
<synopsis> <synopsis>
@ -11,8 +10,8 @@
ACL. ACL.
</synopsis> </synopsis>
<product type="ebuild">Squid</product> <product type="ebuild">Squid</product>
<announced>March 30, 2004</announced> <announced>2004-03-30</announced>
<revised>September 02, 2004: 02</revised> <revised>2004-09-02: 02</revised>
<bug>45273</bug> <bug>45273</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -32,13 +31,13 @@
<description> <description>
<p> <p>
A bug in Squid allows users to bypass certain access controls by passing a A bug in Squid allows users to bypass certain access controls by passing a
URL containing &quot;%00&quot; which exploits the Squid decoding function. URL containing "%00" which exploits the Squid decoding function.
This may insert a NUL character into decoded URLs, which may allow users to This may insert a NUL character into decoded URLs, which may allow users to
bypass url_regex access control lists that are enforced upon them. bypass url_regex access control lists that are enforced upon them.
</p> </p>
<p> <p>
In such a scenario, Squid will insert a NUL character after In such a scenario, Squid will insert a NUL character after
the&quot;%00&quot; and it will make a comparison between the URL to the end the"%00" and it will make a comparison between the URL to the end
of the NUL character rather than the contents after it: the comparison does of the NUL character rather than the contents after it: the comparison does
not result in a match, and the user's request is not denied. not result in a match, and the user's request is not denied.
</p> </p>
@ -65,14 +64,14 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=net-proxy/squid-2.5.5" # emerge -pv "&gt;=net-proxy/squid-2.5.5"
# emerge ">=net-proxy/squid-2.5.5"</code> # emerge "&gt;=net-proxy/squid-2.5.5"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0189">CAN-2004-0189</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0189">CAN-2004-0189</uri>
<uri link="http://www.squid-cache.org/Advisories/SQUID-2004_1.txt">Squid 2.5.STABLE5 Release Announcement</uri> <uri link="http://www.squid-cache.org/Advisories/SQUID-2004_1.txt">Squid 2.5.STABLE5 Release Announcement</uri>
</references> </references>
<metadata tag="submitter" timestamp="Thu, 2 Sep 2004 21:11:59 +0000"> <metadata tag="submitter" timestamp="2004-09-02T21:11:59Z">
vorlon078 vorlon078
</metadata> </metadata>
</glsa> </glsa>

15
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200403-12.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200403-12"> <glsa id="200403-12">
<title>OpenLDAP DoS Vulnerability</title> <title>OpenLDAP DoS Vulnerability</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
using the back-ldbm backend, to free memory that was never allocated. using the back-ldbm backend, to free memory that was never allocated.
</synopsis> </synopsis>
<product type="ebuild">openldap</product> <product type="ebuild">openldap</product>
<announced>March 31, 2004</announced> <announced>2004-03-31</announced>
<revised>May 22, 2006: 02</revised> <revised>2006-05-22: 02</revised>
<bug>26728</bug> <bug>26728</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -56,14 +55,14 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=net-nds/openldap-2.1.13&quot; # emerge -pv "&gt;=net-nds/openldap-2.1.13"
# emerge &quot;&gt;=net-nds/openldap-2.1.13&quot;</code> # emerge "&gt;=net-nds/openldap-2.1.13"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.openldap.org/its/index.cgi?findid=2390">OpenLDAP ITS Bug and Patch</uri> <uri link="https://www.openldap.org/its/index.cgi?findid=2390">OpenLDAP ITS Bug and Patch</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1201">CVE-2003-1201</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1201">CVE-2003-1201</uri>
</references> </references>
<metadata tag="submitter" timestamp="Mon, 22 May 2006 05:51:37 +0000"> <metadata tag="submitter" timestamp="2006-05-22T05:51:37Z">
DerCorny DerCorny
</metadata> </metadata>
</glsa> </glsa>

21
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200403-13.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200403-13"> <glsa id="200403-13">
<title>Remote buffer overflow in MPlayer</title> <title>Remote buffer overflow in MPlayer</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
that may allow attackers to run arbitrary code on a user's computer. that may allow attackers to run arbitrary code on a user's computer.
</synopsis> </synopsis>
<product type="ebuild">mplayer</product> <product type="ebuild">mplayer</product>
<announced>March 31, 2004</announced> <announced>2004-03-31</announced>
<revised>October 11, 2006: 03</revised> <revised>2006-10-11: 03</revised>
<bug>46246</bug> <bug>46246</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -69,30 +68,30 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=media-video/mplayer-0.92-r1&quot; # emerge -pv "&gt;=media-video/mplayer-0.92-r1"
# emerge &quot;&gt;=media-video/mplayer-0.92-r1&quot;</code> # emerge "&gt;=media-video/mplayer-0.92-r1"</code>
<p> <p>
AMD64 users should: AMD64 users should:
</p> </p>
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=media-video/mplayer-1.0_pre2-r1&quot; # emerge -pv "&gt;=media-video/mplayer-1.0_pre2-r1"
# emerge &quot;&gt;=media-video/mplayer-1.0_pre2-r1&quot;</code> # emerge "&gt;=media-video/mplayer-1.0_pre2-r1"</code>
<p> <p>
PPC users should: PPC users should:
</p> </p>
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=media-video/mplayer-1.0_pre3-r2&quot; # emerge -pv "&gt;=media-video/mplayer-1.0_pre3-r2"
# emerge &quot;&gt;=media-video/mplayer-1.0_pre3-r2&quot;</code> # emerge "&gt;=media-video/mplayer-1.0_pre3-r2"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.mplayerhq.hu/homepage/design6/news.html">MPlayerHQ News</uri> <uri link="http://www.mplayerhq.hu/homepage/design6/news.html">MPlayerHQ News</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0386">CVE-2004-0386</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0386">CVE-2004-0386</uri>
</references> </references>
<metadata tag="submitter" timestamp="Mon, 22 May 2006 05:45:24 +0000"> <metadata tag="submitter" timestamp="2006-05-22T05:45:24Z">
DerCorny DerCorny
</metadata> </metadata>
</glsa> </glsa>

15
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200403-14.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200403-14"> <glsa id="200403-14">
<title>Multiple Security Vulnerabilities in Monit</title> <title>Multiple Security Vulnerabilities in Monit</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
Monit. Monit.
</synopsis> </synopsis>
<product type="ebuild">app-admin/monit</product> <product type="ebuild">app-admin/monit</product>
<announced>March 31, 2004</announced> <announced>2004-03-31</announced>
<revised>May 22, 2006: 02</revised> <revised>2006-05-22: 02</revised>
<bug>43967</bug> <bug>43967</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -58,16 +57,16 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=app-admin/monit-4.2&quot; # emerge -pv "&gt;=app-admin/monit-4.2"
# emerge &quot;&gt;=app-admin/monit-4.2&quot;</code> # emerge "&gt;=app-admin/monit-4.2"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.securityfocus.com/bid/9098">Monit HTTP Content-Length Parameter Denial of Service Vulnerability</uri> <uri link="http://www.securityfocus.com/bid/9098">Monit HTTP Content-Length Parameter Denial of Service Vulnerability</uri>
<uri link="http://www.securityfocus.com/bid/9099">Monit Overly Long HTTP Request Buffer Overrun Vulnerability</uri> <uri link="http://www.securityfocus.com/bid/9099">Monit Overly Long HTTP Request Buffer Overrun Vulnerability</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1083">CVE-2003-1083</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1083">CVE-2003-1083</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1084">CVE-2003-1084</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1084">CVE-2003-1084</uri>
</references> </references>
<metadata tag="submitter" timestamp="Mon, 22 May 2006 05:44:45 +0000"> <metadata tag="submitter" timestamp="2006-05-22T05:44:45Z">
DerCorny DerCorny
</metadata> </metadata>
</glsa> </glsa>

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-01.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-01"> <glsa id="200404-01">
<title>Insecure sandbox temporary lockfile vulnerabilities in Portage</title> <title>Insecure sandbox temporary lockfile vulnerabilities in Portage</title>
<synopsis> <synopsis>
@ -11,8 +10,8 @@
the system. the system.
</synopsis> </synopsis>
<product type="ebuild">Portage</product> <product type="ebuild">Portage</product>
<announced>April 04, 2004</announced> <announced>2004-04-04</announced>
<revised>April 04, 2004: 01</revised> <revised>2004-04-04: 01</revised>
<bug>21923</bug> <bug>21923</bug>
<access>local</access> <access>local</access>
<affected> <affected>
@ -26,7 +25,7 @@
Portage is Gentoo's package management system which is responsible for Portage is Gentoo's package management system which is responsible for
installing, compiling and updating any ebuilds on the system through the installing, compiling and updating any ebuilds on the system through the
Gentoo rsync tree. Under default configurations, most ebuilds run under a Gentoo rsync tree. Under default configurations, most ebuilds run under a
sandbox which prevent the build process writing to the &quot;real&quot; sandbox which prevent the build process writing to the "real"
system outside the build directory - packages are installed into a system outside the build directory - packages are installed into a
temporary location and then copied over safely by Portage instead. During temporary location and then copied over safely by Portage instead. During
the process the sandbox wrapper creates lockfiles in the /tmp directory the process the sandbox wrapper creates lockfiles in the /tmp directory
@ -84,8 +83,8 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=sys-apps/portage-2.0.50-r3" # emerge -pv "&gt;=sys-apps/portage-2.0.50-r3"
# emerge ">=sys-apps/portage-2.0.50-r3"</code> # emerge "&gt;=sys-apps/portage-2.0.50-r3"</code>
</resolution> </resolution>
<references> <references>
</references> </references>

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-02.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-02"> <glsa id="200404-02">
<title>KDE Personal Information Management Suite Remote Buffer Overflow Vulnerability</title> <title>KDE Personal Information Management Suite Remote Buffer Overflow Vulnerability</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
unauthorized access to an affected system. unauthorized access to an affected system.
</synopsis> </synopsis>
<product type="ebuild">kde-base/kde</product> <product type="ebuild">kde-base/kde</product>
<announced>April 06, 2004</announced> <announced>2004-04-06</announced>
<revised>April 06, 2004: 01</revised> <revised>2004-04-06: 01</revised>
<bug>38256</bug> <bug>38256</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -49,11 +48,11 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=kde-base/kde-3.1.5" # emerge -pv "&gt;=kde-base/kde-3.1.5"
# emerge ">=kde-base/kde-3.1.5"</code> # emerge "&gt;=kde-base/kde-3.1.5"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0988">CAN-2003-0988</uri> <uri link="https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0988">CAN-2003-0988</uri>
</references> </references>
<metadata tag="submitter">aescriva</metadata> <metadata tag="submitter">aescriva</metadata>
</glsa> </glsa>

15
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-03.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-03"> <glsa id="200404-03">
<title>Tcpdump Vulnerabilities in ISAKMP Parsing</title> <title>Tcpdump Vulnerabilities in ISAKMP Parsing</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
parsing of ISAKMP packets. parsing of ISAKMP packets.
</synopsis> </synopsis>
<product type="ebuild">tcpdump</product> <product type="ebuild">tcpdump</product>
<announced>March 31, 2004</announced> <announced>2004-03-31</announced>
<revised>March 31, 2004: 01</revised> <revised>2004-03-31: 01</revised>
<bug>38206</bug> <bug>38206</bug>
<bug>46258</bug> <bug>46258</bug>
<access>remote</access> <access>remote</access>
@ -59,12 +58,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=net-libs/libpcap-0.8.3-r1" ">=net-analyzer/tcpdump-3.8.3-r1" # emerge -pv "&gt;=net-libs/libpcap-0.8.3-r1" "&gt;=net-analyzer/tcpdump-3.8.3-r1"
# emerge ">=net-libs/libpcap-0.8.3-r1" ">=net-analyzer/tcpdump-3.8.3-r1"</code> # emerge "&gt;=net-libs/libpcap-0.8.3-r1" "&gt;=net-analyzer/tcpdump-3.8.3-r1"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.rapid7.com/advisories/R7-0017.html">Rapid7 Advisory</uri> <uri link="https://www.rapid7.com/advisories/R7-0017.html">Rapid7 Advisory</uri>
<uri link="http://rhn.redhat.com/errata/RHSA-2004-008.html">Red Hat Security Advisory</uri> <uri link="https://rhn.redhat.com/errata/RHSA-2004-008.html">Red Hat Security Advisory</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0989">CVE Advisory</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0989">CVE Advisory</uri>
</references> </references>
</glsa> </glsa>

13
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-04.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-04"> <glsa id="200404-04">
<title>Multiple vulnerabilities in sysstat</title> <title>Multiple vulnerabilities in sysstat</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
attacker to execute arbitrary code or overwrite arbitrary files attacker to execute arbitrary code or overwrite arbitrary files
</synopsis> </synopsis>
<product type="ebuild">sysstat</product> <product type="ebuild">sysstat</product>
<announced>April 06, 2004</announced> <announced>2004-04-06</announced>
<revised>April 06, 2004: 01</revised> <revised>2004-04-06: 01</revised>
<bug>45159</bug> <bug>45159</bug>
<access>local</access> <access>local</access>
<affected> <affected>
@ -55,12 +54,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=app-admin/sysstat-5.0.2" # emerge -pv "&gt;=app-admin/sysstat-5.0.2"
# emerge ">=app-admin/sysstat-5.0.2"</code> # emerge "&gt;=app-admin/sysstat-5.0.2"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0107">CVE (1)</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0107">CVE (1)</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0108">CVE (2)</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0108">CVE (2)</uri>
</references> </references>
<metadata tag="submitter">klieber</metadata> <metadata tag="submitter">klieber</metadata>
</glsa> </glsa>

13
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-05.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-05"> <glsa id="200404-05">
<title>ipsec-tools contains an X.509 certificates vulnerability.</title> <title>ipsec-tools contains an X.509 certificates vulnerability.</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
with X.509 certificates. with X.509 certificates.
</synopsis> </synopsis>
<product type="ebuild">ipsec-tools</product> <product type="ebuild">ipsec-tools</product>
<announced>April 07, 2004</announced> <announced>2004-04-07</announced>
<revised>April 07, 2004: 01</revised> <revised>2004-04-07: 01</revised>
<bug>47013</bug> <bug>47013</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -23,8 +22,8 @@
From http://ipsec-tools.sourceforge.net/ : From http://ipsec-tools.sourceforge.net/ :
</p> </p>
<p> <p>
&quot;IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6 "IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6
IPsec implementation.&quot; IPsec implementation."
</p> </p>
</background> </background>
<description> <description>
@ -54,8 +53,8 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=net-firewall/ipsec-tools-0.2.5" # emerge -pv "&gt;=net-firewall/ipsec-tools-0.2.5"
# emerge ">=net-firewall/ipsec-tools-0.2.5"</code> # emerge "&gt;=net-firewall/ipsec-tools-0.2.5"</code>
</resolution> </resolution>
<references> <references>
</references> </references>

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-06.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-06"> <glsa id="200404-06">
<title>Util-linux login may leak sensitive data</title> <title>Util-linux login may leak sensitive data</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
under certain conditions. under certain conditions.
</synopsis> </synopsis>
<product type="ebuild"> </product> <product type="ebuild"> </product>
<announced>April 07, 2004</announced> <announced>2004-04-07</announced>
<revised>April 07, 2004: 01</revised> <revised>2004-04-07: 01</revised>
<bug>46422</bug> <bug>46422</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -54,12 +53,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=sys-apps/util-linux-2.12" # emerge -pv "&gt;=sys-apps/util-linux-2.12"
# emerge ">=sys-apps/util-linux-2.12" # emerge "&gt;=sys-apps/util-linux-2.12"
</code> </code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0080">CAN-2004-0080</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0080">CAN-2004-0080</uri>
</references> </references>
<metadata tag="submitter">lcars</metadata> <metadata tag="submitter">lcars</metadata>
</glsa> </glsa>

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-07.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-07"> <glsa id="200404-07">
<title>ClamAV RAR Archive Remote Denial Of Service Vulnerability</title> <title>ClamAV RAR Archive Remote Denial Of Service Vulnerability</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
RAR archives. RAR archives.
</synopsis> </synopsis>
<product type="ebuild">clamav</product> <product type="ebuild">clamav</product>
<announced>April 07, 2004</announced> <announced>2004-04-07</announced>
<revised>May 22, 2006: 02</revised> <revised>2006-05-22: 02</revised>
<bug>45357</bug> <bug>45357</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -59,11 +58,11 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=app-antivirus/clamav-0.68.1&quot; # emerge -pv "&gt;=app-antivirus/clamav-0.68.1"
# emerge &quot;&gt;=app-antivirus/clamav-0.68.1&quot;</code> # emerge "&gt;=app-antivirus/clamav-0.68.1"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1909">CVE-2004-1909</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1909">CVE-2004-1909</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
klieber klieber

5
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-08.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-08"> <glsa id="200404-08">
<title>GNU Automake symbolic link vulnerability</title> <title>GNU Automake symbolic link vulnerability</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
attacker to modify data or elevate their privileges. attacker to modify data or elevate their privileges.
</synopsis> </synopsis>
<product type="ebuild">automake</product> <product type="ebuild">automake</product>
<announced>April 08, 2004</announced> <announced>2004-04-08</announced>
<revised>January 31, 2005: 05</revised> <revised>2005-01-31: 05</revised>
<bug>45646</bug> <bug>45646</bug>
<access>local</access> <access>local</access>
<affected> <affected>

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-09.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-09"> <glsa id="200404-09">
<title>Cross-realm trust vulnerability in Heimdal</title> <title>Cross-realm trust vulnerability in Heimdal</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
over a realm to impersonate anyone in the cross-realm trust path. over a realm to impersonate anyone in the cross-realm trust path.
</synopsis> </synopsis>
<product type="ebuild">heimdal</product> <product type="ebuild">heimdal</product>
<announced>April 09, 2004</announced> <announced>2004-04-09</announced>
<revised>April 09, 2004: 01</revised> <revised>2004-04-09: 01</revised>
<bug>46590</bug> <bug>46590</bug>
<access>local</access> <access>local</access>
<affected> <affected>
@ -49,11 +48,11 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=app-crypt/heimdal-0.6.1" # emerge -pv "&gt;=app-crypt/heimdal-0.6.1"
# emerge ">=app-crypt/heimdal-0.6.1"</code> # emerge "&gt;=app-crypt/heimdal-0.6.1"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0371">CVE</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0371">CVE</uri>
</references> </references>
<metadata tag="submitter">klieber</metadata> <metadata tag="submitter">klieber</metadata>
</glsa> </glsa>

13
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-10.xml vendored
View File

@ -1,14 +1,13 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-10"> <glsa id="200404-10">
<title>iproute local Denial of Service vulnerability</title> <title>iproute local Denial of Service vulnerability</title>
<synopsis> <synopsis>
The iproute package allows local users to cause a denial of service. The iproute package allows local users to cause a denial of service.
</synopsis> </synopsis>
<product type="ebuild"></product> <product type="ebuild"/>
<announced>April 09, 2004</announced> <announced>2004-04-09</announced>
<revised>April 09, 2004: 01</revised> <revised>2004-04-09: 01</revised>
<bug>34294</bug> <bug>34294</bug>
<access>local</access> <access>local</access>
<affected> <affected>
@ -48,12 +47,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=sys-apps/iproute-20010824-r5"; # emerge -pv "&gt;=sys-apps/iproute-20010824-r5";
# emerge ">=sys-apps/iproute-20010824-r5"; # emerge "&gt;=sys-apps/iproute-20010824-r5";
</code> </code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0856">CAN-2003-0856</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0856">CAN-2003-0856</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
lcars lcars

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-11.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-11"> <glsa id="200404-11">
<title>Multiple Vulnerabilities in pwlib</title> <title>Multiple Vulnerabilities in pwlib</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
denial of service or buffer overflow attack. denial of service or buffer overflow attack.
</synopsis> </synopsis>
<product type="ebuild">dev-libs/pwlib</product> <product type="ebuild">dev-libs/pwlib</product>
<announced>April 09, 2004</announced> <announced>2004-04-09</announced>
<revised>April 09, 2004: 01</revised> <revised>2004-04-09: 01</revised>
<bug>45846</bug> <bug>45846</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -51,11 +50,11 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=dev-libs/pwlib-1.5.2-r3" # emerge -pv "&gt;=dev-libs/pwlib-1.5.2-r3"
# emerge ">=dev-libs/pwlib-1.5.2-r3"</code> # emerge "&gt;=dev-libs/pwlib-1.5.2-r3"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0097">CAN-2004-0097</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0097">CAN-2004-0097</uri>
<uri link="http://www.uniras.gov.uk/vuls/2004/006489/h323.htm">NISCC Vulnerability Advisory 006489/H323</uri> <uri link="http://www.uniras.gov.uk/vuls/2004/006489/h323.htm">NISCC Vulnerability Advisory 006489/H323</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">

13
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-12.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-12"> <glsa id="200404-12">
<title>Scorched 3D server chat box format string vulnerability</title> <title>Scorched 3D server chat box format string vulnerability</title>
<synopsis> <synopsis>
@ -9,8 +8,8 @@
of arbitrary code. of arbitrary code.
</synopsis> </synopsis>
<product type="ebuild">scorched3d</product> <product type="ebuild">scorched3d</product>
<announced>April 09, 2004</announced> <announced>2004-04-09</announced>
<revised>April 09, 2004: 08</revised> <revised>2004-04-09: 08</revised>
<bug>39302</bug> <bug>39302</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -21,8 +20,8 @@
</affected> </affected>
<background> <background>
<p> <p>
Scorched 3D is a game based loosely on the classic DOS game &quot;Scorched Scorched 3D is a game based loosely on the classic DOS game "Scorched
Earth&quot;. Scorched 3D adds amongst other new features a 3D island Earth". Scorched 3D adds amongst other new features a 3D island
environment and LAN and internet play. Scorched 3D is totally free and is environment and LAN and internet play. Scorched 3D is totally free and is
available for multiple operating systems. available for multiple operating systems.
</p> </p>
@ -56,8 +55,8 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=games-strategy/scorched3d-37" # emerge -pv "&gt;=games-strategy/scorched3d-37"
# emerge ">=games-strategy/scorched3d-37"</code> # emerge "&gt;=games-strategy/scorched3d-37"</code>
</resolution> </resolution>
<references> <references>
</references> </references>

13
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-13.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-13"> <glsa id="200404-13">
<title>CVS Server and Client Vulnerabilities</title> <title>CVS Server and Client Vulnerabilities</title>
<synopsis> <synopsis>
@ -9,8 +8,8 @@
files on both client and server. files on both client and server.
</synopsis> </synopsis>
<product type="ebuild">cvs</product> <product type="ebuild">cvs</product>
<announced>April 14, 2004</announced> <announced>2004-04-14</announced>
<revised>May 22, 2006: 02</revised> <revised>2006-05-22: 02</revised>
<bug>47800</bug> <bug>47800</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -57,13 +56,13 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=dev-util/cvs-1.11.15&quot; # emerge -pv "&gt;=dev-util/cvs-1.11.15"
# emerge &quot;&gt;=dev-util/cvs-1.11.15&quot;</code> # emerge "&gt;=dev-util/cvs-1.11.15"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://ccvs.cvshome.org/source/browse/ccvs/NEWS?rev=1.116.2.92&amp;content-type=text/x-cvsweb-markup">CVS commit log</uri> <uri link="http://ccvs.cvshome.org/source/browse/ccvs/NEWS?rev=1.116.2.92&amp;content-type=text/x-cvsweb-markup">CVS commit log</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0180">CVE-2004-0180</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0180">CVE-2004-0180</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0405">CVE-2004-0405</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0405">CVE-2004-0405</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
condordes condordes

14
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-14.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-14"> <glsa id="200404-14">
<title>Multiple format string vulnerabilities in cadaver</title> <title>Multiple format string vulnerabilities in cadaver</title>
<synopsis> <synopsis>
@ -9,8 +8,8 @@
to a malicious server. to a malicious server.
</synopsis> </synopsis>
<product type="ebuild">cadaver</product> <product type="ebuild">cadaver</product>
<announced>April 19, 2004</announced> <announced>2004-04-19</announced>
<revised>April 19, 2004: 01</revised> <revised>2004-04-19: 01</revised>
<bug>47799</bug> <bug>47799</bug>
<access>remote </access> <access>remote </access>
<affected> <affected>
@ -21,8 +20,7 @@
</affected> </affected>
<background> <background>
<p> <p>
According to <uri According to <uri link="http://www.webdav.org/cadaver">http://www.webdav.org/cadaver</uri>,
link="http://www.webdav.org/cadaver">http://www.webdav.org/cadaver</uri>,
cadaver is a command-line WebDAV client for Unix. It supports file upload, cadaver is a command-line WebDAV client for Unix. It supports file upload,
download, on-screen display, namespace operations (move/copy), collection download, on-screen display, namespace operations (move/copy), collection
creation and deletion, and locking operations. creation and deletion, and locking operations.
@ -56,11 +54,11 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=net-misc/cadaver-0.22.1" # emerge -pv "&gt;=net-misc/cadaver-0.22.1"
# emerge ">=net-misc/cadaver-0.22.1"</code> # emerge "&gt;=net-misc/cadaver-0.22.1"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0179">CAN-2004-0179</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0179">CAN-2004-0179</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
koon koon

17
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-15.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-15"> <glsa id="200404-15">
<title>XChat 2.0.x SOCKS5 Vulnerability</title> <title>XChat 2.0.x SOCKS5 Vulnerability</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
run arbitrary code. run arbitrary code.
</synopsis> </synopsis>
<product type="ebuild">xchat</product> <product type="ebuild">xchat</product>
<announced>April 19, 2004</announced> <announced>2004-04-19</announced>
<revised>May 22, 2006: 02</revised> <revised>2006-05-22: 02</revised>
<bug>46856</bug> <bug>46856</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -50,8 +49,8 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=net-irc/xchat-2.0.8-r1&quot; # emerge -pv "&gt;=net-irc/xchat-2.0.8-r1"
# emerge &quot;&gt;=net-irc/xchat-2.0.8-r1&quot;</code> # emerge "&gt;=net-irc/xchat-2.0.8-r1"</code>
<p> <p>
Note that users of the gtk1 version of xchat (1.8.*) should upgrade to Note that users of the gtk1 version of xchat (1.8.*) should upgrade to
xchat-1.8.11-r1: xchat-1.8.11-r1:
@ -59,12 +58,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;=net-irc/xchat-1.8.11-r1&quot; # emerge -pv "=net-irc/xchat-1.8.11-r1"
# emerge &quot;=net-irc/xchat-1.8.11-r1&quot;</code> # emerge "=net-irc/xchat-1.8.11-r1"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html">XChat 2.0.x SOCKS5 Vulnerability</uri> <uri link="https://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html">XChat 2.0.x SOCKS5 Vulnerability</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0409">CVE-2004-0409</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0409">CVE-2004-0409</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
klieber klieber

9
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-16.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-16"> <glsa id="200404-16">
<title>Multiple new security vulnerabilities in monit</title> <title>Multiple new security vulnerabilities in monit</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
possibly leading to denial of service or execution of arbitrary code. possibly leading to denial of service or execution of arbitrary code.
</synopsis> </synopsis>
<product type="ebuild">monit</product> <product type="ebuild">monit</product>
<announced>April 19, 2004</announced> <announced>2004-04-19</announced>
<revised>April 19, 2004: 01</revised> <revised>2004-04-19: 01</revised>
<bug>47631</bug> <bug>47631</bug>
<access>remote </access> <access>remote </access>
<affected> <affected>
@ -51,8 +50,8 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=app-admin/monit-4.2.1" # emerge -pv "&gt;=app-admin/monit-4.2.1"
# emerge ">=app-admin/monit-4.2.1"</code> # emerge "&gt;=app-admin/monit-4.2.1"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.tildeslash.com/monit/secadv_20040305.txt">Monit security advisory 20040305</uri> <uri link="http://www.tildeslash.com/monit/secadv_20040305.txt">Monit security advisory 20040305</uri>

15
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-17.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-17"> <glsa id="200404-17">
<title>ipsec-tools and iputils contain a remote DoS vulnerability</title> <title>ipsec-tools and iputils contain a remote DoS vulnerability</title>
<synopsis> <synopsis>
@ -10,8 +9,8 @@
system resoources, causing a Denial of Service. system resoources, causing a Denial of Service.
</synopsis> </synopsis>
<product type="ebuild">ipsec-utils</product> <product type="ebuild">ipsec-utils</product>
<announced>April 24, 2004</announced> <announced>2004-04-24</announced>
<revised>April 24, 2004: 01</revised> <revised>2004-04-24: 01</revised>
<bug>48847</bug> <bug>48847</bug>
<access>remote </access> <access>remote </access>
<affected> <affected>
@ -65,19 +64,19 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=net-firewall/ipsec-tools-0.3.1" # emerge -pv "&gt;=net-firewall/ipsec-tools-0.3.1"
# emerge ">=net-firewall/ipsec-tools-0.3.1"</code> # emerge "&gt;=net-firewall/ipsec-tools-0.3.1"</code>
<p> <p>
iputils users should upgrade to version 021109-r3 or later: iputils users should upgrade to version 021109-r3 or later:
</p> </p>
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=net-misc/iputils-021109-r3" # emerge -pv "&gt;=net-misc/iputils-021109-r3"
# emerge ">=net-misc/iputils-021109-r3"</code> # emerge "&gt;=net-misc/iputils-021109-r3"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0403">CVE</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0403">CVE</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
klieber klieber

15
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-18.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-18"> <glsa id="200404-18">
<title>Multiple Vulnerabilities in ssmtp</title> <title>Multiple Vulnerabilities in ssmtp</title>
<synopsis> <synopsis>
@ -9,8 +8,8 @@
(potentially root). (potentially root).
</synopsis> </synopsis>
<product type="ebuild">ssmtp</product> <product type="ebuild">ssmtp</product>
<announced>April 26, 2004</announced> <announced>2004-04-26</announced>
<revised>April 26, 2004: 01</revised> <revised>2004-04-26: 01</revised>
<bug>47918</bug> <bug>47918</bug>
<bug>48435</bug> <bug>48435</bug>
<access>remote root </access> <access>remote root </access>
@ -55,13 +54,13 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=mail-mta/ssmtp-2.60.7" # emerge -pv "&gt;=mail-mta/ssmtp-2.60.7"
# emerge ">=mail-mta/ssmtp-2.60.7"</code> # emerge "&gt;=mail-mta/ssmtp-2.60.7"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://secunia.com/advisories/11378/">Secunia Advisory</uri> <uri link="https://secunia.com/advisories/11378/">Secunia Advisory</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0156">CVE Reference</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0156">CVE Reference</uri>
<uri link="http://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00084.html">Debian Advisory</uri> <uri link="https://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00084.html">Debian Advisory</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
condordes condordes

9
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-19.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-19"> <glsa id="200404-19">
<title>Buffer overflows and format string vulnerabilities in LCDproc</title> <title>Buffer overflows and format string vulnerabilities in LCDproc</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
allowing execution of arbitrary code with the rights of the LCDd user. allowing execution of arbitrary code with the rights of the LCDd user.
</synopsis> </synopsis>
<product type="ebuild">lcdproc</product> <product type="ebuild">lcdproc</product>
<announced>April 27, 2004</announced> <announced>2004-04-27</announced>
<revised>April 27, 2004: 01</revised> <revised>2004-04-27: 01</revised>
<bug>47340</bug> <bug>47340</bug>
<access>remote </access> <access>remote </access>
<affected> <affected>
@ -53,8 +52,8 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=app-misc/lcdproc-0.4.5" # emerge -pv "&gt;=app-misc/lcdproc-0.4.5"
# emerge ">=app-misc/lcdproc-0.4.5"</code> # emerge "&gt;=app-misc/lcdproc-0.4.5"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://lists.omnipotent.net/pipermail/lcdproc/2004-April/008884.html">LCDproc advisory</uri> <uri link="http://lists.omnipotent.net/pipermail/lcdproc/2004-April/008884.html">LCDproc advisory</uri>

17
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-20.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-20"> <glsa id="200404-20">
<title>Multiple vulnerabilities in xine</title> <title>Multiple vulnerabilities in xine</title>
<synopsis> <synopsis>
@ -9,8 +8,8 @@
user. user.
</synopsis> </synopsis>
<product type="ebuild">xine</product> <product type="ebuild">xine</product>
<announced>April 27, 2004</announced> <announced>2004-04-27</announced>
<revised>May 22, 2006: 02</revised> <revised>2006-05-22: 02</revised>
<bug>45448</bug> <bug>45448</bug>
<bug>48107</bug> <bug>48107</bug>
<bug>48108</bug> <bug>48108</bug>
@ -69,17 +68,17 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=media-video/xine-ui-0.9.23-r2&quot; # emerge -pv "&gt;=media-video/xine-ui-0.9.23-r2"
# emerge &quot;&gt;=media-video/xine-ui-0.9.23-r2&quot; # emerge "&gt;=media-video/xine-ui-0.9.23-r2"
# emerge -pv &quot;&gt;=media-libs/xine-lib-1_rc3-r3&quot; # emerge -pv "&gt;=media-libs/xine-lib-1_rc3-r3"
# emerge &quot;&gt;=media-libs/xine-lib-1_rc3-r3&quot;</code> # emerge "&gt;=media-libs/xine-lib-1_rc3-r3"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://xinehq.de/index.php/security">Xine Security Advisories</uri> <uri link="http://xinehq.de/index.php/security">Xine Security Advisories</uri>
<uri link="http://nettwerked.mg2.org/advisories/xinebug">xine-bugreport and xine-check vulnerability</uri> <uri link="http://nettwerked.mg2.org/advisories/xinebug">xine-bugreport and xine-check vulnerability</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0372">CVE-2004-0372</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0372">CVE-2004-0372</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1951">CVE-2004-1951</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1951">CVE-2004-1951</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
koon koon

9
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200404-21.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200404-21"> <glsa id="200404-21">
<title>Multiple Vulnerabilities in Samba</title> <title>Multiple Vulnerabilities in Samba</title>
<synopsis> <synopsis>
@ -9,8 +8,8 @@
vulnerability in the smbprint script distributed with Samba. vulnerability in the smbprint script distributed with Samba.
</synopsis> </synopsis>
<product type="ebuild">samba</product> <product type="ebuild">samba</product>
<announced>April 29, 2004</announced> <announced>2004-04-29</announced>
<revised>April 29, 2004: 01</revised> <revised>2004-04-29: 01</revised>
<bug>41800</bug> <bug>41800</bug>
<bug>45965</bug> <bug>45965</bug>
<access>local </access> <access>local </access>
@ -74,8 +73,8 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=net-fs/samba-3.0.2a-r2" # emerge -pv "&gt;=net-fs/samba-3.0.2a-r2"
# emerge ">=net-fs/samba-3.0.2a-r2"</code> # emerge "&gt;=net-fs/samba-3.0.2a-r2"</code>
<p> <p>
Those who are using Samba's password database also need to run the Those who are using Samba's password database also need to run the
following command: following command:

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-01.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-01"> <glsa id="200405-01">
<title>Multiple format string vulnerabilities in neon 0.24.4 and earlier</title> <title>Multiple format string vulnerabilities in neon 0.24.4 and earlier</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
a malicious WebDAV server to execute arbitrary code. a malicious WebDAV server to execute arbitrary code.
</synopsis> </synopsis>
<product type="ebuild">neon</product> <product type="ebuild">neon</product>
<announced>May 09, 2004</announced> <announced>2004-05-09</announced>
<revised>May 09, 2004: 01</revised> <revised>2004-05-09: 01</revised>
<bug>48448</bug> <bug>48448</bug>
<access>remote </access> <access>remote </access>
<affected> <affected>
@ -49,11 +48,11 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=net-misc/neon-0.24.5" # emerge -pv "&gt;=net-misc/neon-0.24.5"
# emerge ">=net-misc/neon-0.24.5"</code> # emerge "&gt;=net-misc/neon-0.24.5"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0179">CVE</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0179">CVE</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
klieber klieber

13
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-02.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-02"> <glsa id="200405-02">
<title>Multiple vulnerabilities in LHa</title> <title>Multiple vulnerabilities in LHa</title>
<synopsis> <synopsis>
@ -9,8 +8,8 @@
code or as a denial of service attack. code or as a denial of service attack.
</synopsis> </synopsis>
<product type="ebuild">lha</product> <product type="ebuild">lha</product>
<announced>May 09, 2004</announced> <announced>2004-05-09</announced>
<revised>October 20, 2006: 02</revised> <revised>2006-10-20: 02</revised>
<bug>49961</bug> <bug>49961</bug>
<access>remote </access> <access>remote </access>
<affected> <affected>
@ -57,12 +56,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=app-arch/lha-114i-r2" # emerge -pv "&gt;=app-arch/lha-114i-r2"
# emerge ">=app-arch/lha-114i-r2"</code> # emerge "&gt;=app-arch/lha-114i-r2"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0234">CAN-2004-0234</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0234">CAN-2004-0234</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0235">CAN-2004-0235</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0235">CAN-2004-0235</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
koon koon

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-03.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-03"> <glsa id="200405-03">
<title>ClamAV VirusEvent parameter vulnerability</title> <title>ClamAV VirusEvent parameter vulnerability</title>
<synopsis> <synopsis>
@ -9,8 +8,8 @@
commands. commands.
</synopsis> </synopsis>
<product type="ebuild">ClamAV</product> <product type="ebuild">ClamAV</product>
<announced>May 11, 2004</announced> <announced>2004-05-11</announced>
<revised>May 22, 2006: 02</revised> <revised>2006-05-22: 02</revised>
<bug>46264</bug> <bug>46264</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -64,11 +63,11 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=app-antivirus/clamav-0.70&quot; # emerge -pv "&gt;=app-antivirus/clamav-0.70"
# emerge &quot;&gt;=app-antivirus/clamav-0.70&quot;</code> # emerge "&gt;=app-antivirus/clamav-0.70"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1876">CVE-2004-1876</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1876">CVE-2004-1876</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
koon koon

29
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-04.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-04"> <glsa id="200405-04">
<title>OpenOffice.org vulnerability when using DAV servers</title> <title>OpenOffice.org vulnerability when using DAV servers</title>
<synopsis> <synopsis>
@ -9,8 +8,8 @@
when connected to an untrusted WebDAV server. when connected to an untrusted WebDAV server.
</synopsis> </synopsis>
<product type="ebuild">openoffice</product> <product type="ebuild">openoffice</product>
<announced>May 11, 2004</announced> <announced>2004-05-11</announced>
<revised>October 27, 2004: 02</revised> <revised>2004-10-27: 02</revised>
<bug>47926</bug> <bug>47926</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -76,44 +75,44 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=app-office/openoffice-1.1.1-r1" # emerge -pv "&gt;=app-office/openoffice-1.1.1-r1"
# emerge ">=app-office/openoffice-1.1.1-r1"</code> # emerge "&gt;=app-office/openoffice-1.1.1-r1"</code>
<p> <p>
openoffice users on the sparc architecture should: openoffice users on the sparc architecture should:
</p> </p>
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=app-office/openoffice-1.1.0-r3" # emerge -pv "&gt;=app-office/openoffice-1.1.0-r3"
# emerge ">=app-office/openoffice-1.1.0-r3"</code> # emerge "&gt;=app-office/openoffice-1.1.0-r3"</code>
<p> <p>
openoffice users on the ppc architecture should: openoffice users on the ppc architecture should:
</p> </p>
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=app-office/openoffice-1.0.3-r1" # emerge -pv "&gt;=app-office/openoffice-1.0.3-r1"
# emerge ">=app-office/openoffice-1.0.3-r1"</code> # emerge "&gt;=app-office/openoffice-1.0.3-r1"</code>
<p> <p>
openoffice-ximian users should: openoffice-ximian users should:
</p> </p>
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=app-office/openoffice-ximian-1.1.51-r1" # emerge -pv "&gt;=app-office/openoffice-ximian-1.1.51-r1"
# emerge ">=app-office/openoffice-ximian-1.1.51-r1"</code> # emerge "&gt;=app-office/openoffice-ximian-1.1.51-r1"</code>
<p> <p>
openoffice-bin users should: openoffice-bin users should:
</p> </p>
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=app-office/openoffice-bin-1.1.2" # emerge -pv "&gt;=app-office/openoffice-bin-1.1.2"
# emerge ">=app-office/openoffice-bin-1.1.2"</code> # emerge "&gt;=app-office/openoffice-bin-1.1.2"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0179">CAN-2004-0179</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0179">CAN-2004-0179</uri>
<uri link="/security/en/glsa/glsa-200405-01.xml">Neon vulnerabilities (GLSA 200405-01)</uri> <uri link="https://www.gentoo.org/security/en/glsa/glsa-200405-01.xml">Neon vulnerabilities (GLSA 200405-01)</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
koon koon

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-05.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-05"> <glsa id="200405-05">
<title>Utempter symlink vulnerability</title> <title>Utempter symlink vulnerability</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
arbitrary files via a symlink attack. arbitrary files via a symlink attack.
</synopsis> </synopsis>
<product type="ebuild">utempter</product> <product type="ebuild">utempter</product>
<announced>May 13, 2004</announced> <announced>2004-05-13</announced>
<revised>May 13, 2004: 01</revised> <revised>2004-05-13: 01</revised>
<bug>49536</bug> <bug>49536</bug>
<access>local </access> <access>local </access>
<affected> <affected>
@ -49,11 +48,11 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=sys-apps/utempter-0.5.5.4" # emerge -pv "&gt;=sys-apps/utempter-0.5.5.4"
# emerge ">=sys-apps/utempter-0.5.5.4"</code> # emerge "&gt;=sys-apps/utempter-0.5.5.4"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0233">CAN-2004-0233</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0233">CAN-2004-0233</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
klieber klieber

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-06.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-06"> <glsa id="200405-06">
<title>libpng denial of service vulnerability</title> <title>libpng denial of service vulnerability</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
that library to decode PNG images. that library to decode PNG images.
</synopsis> </synopsis>
<product type="ebuild">libpng</product> <product type="ebuild">libpng</product>
<announced>May 14, 2004</announced> <announced>2004-05-14</announced>
<revised>May 14, 2004: 01</revised> <revised>2004-05-14: 01</revised>
<bug>49887</bug> <bug>49887</bug>
<access>remote </access> <access>remote </access>
<affected> <affected>
@ -53,8 +52,8 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=media-libs/libpng-1.2.5-r5" # emerge -pv "&gt;=media-libs/libpng-1.2.5-r5"
# emerge ">=media-libs/libpng-1.2.5-r5"</code> # emerge "&gt;=media-libs/libpng-1.2.5-r5"</code>
<p> <p>
You should also run revdep-rebuild to rebuild any packages that depend on You should also run revdep-rebuild to rebuild any packages that depend on
older versions of libpng : older versions of libpng :
@ -63,7 +62,7 @@
# revdep-rebuild</code> # revdep-rebuild</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0421">CAN-2004-0421</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0421">CAN-2004-0421</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
koon koon

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-07.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-07"> <glsa id="200405-07">
<title>Exim verify=header_syntax buffer overflow</title> <title>Exim verify=header_syntax buffer overflow</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
Exim that allows remote execution of arbitrary code. Exim that allows remote execution of arbitrary code.
</synopsis> </synopsis>
<product type="ebuild">Exim</product> <product type="ebuild">Exim</product>
<announced>May 14, 2004</announced> <announced>2004-05-14</announced>
<revised>May 14, 2004: 01</revised> <revised>2004-05-14: 01</revised>
<bug>50217</bug> <bug>50217</bug>
<access>remote </access> <access>remote </access>
<affected> <affected>
@ -52,11 +51,11 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=mail-mta/exim-4.33-r1" # emerge -pv "&gt;=mail-mta/exim-4.33-r1"
# emerge ">=mail-mta/exim-4.33-r1"</code> # emerge "&gt;=mail-mta/exim-4.33-r1"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0400">CAN-2004-0400</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0400">CAN-2004-0400</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
koon koon

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-08.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-08"> <glsa id="200405-08">
<title>Pound format string vulnerability</title> <title>Pound format string vulnerability</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
arbitrary code with the rights of the Pound process. arbitrary code with the rights of the Pound process.
</synopsis> </synopsis>
<product type="ebuild">pound</product> <product type="ebuild">pound</product>
<announced>May 18, 2004</announced> <announced>2004-05-18</announced>
<revised>May 22, 2006: 02</revised> <revised>2006-05-22: 02</revised>
<bug>50421</bug> <bug>50421</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -51,12 +50,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=www-servers/pound-1.6&quot; # emerge -pv "&gt;=www-servers/pound-1.6"
# emerge &quot;&gt;=www-servers/pound-1.6&quot;</code> # emerge "&gt;=www-servers/pound-1.6"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.apsis.ch/pound/pound_list/archive/2003/2003-12/1070234315000#1070234315000">Pound announcement</uri> <uri link="http://www.apsis.ch/pound/pound_list/archive/2003/2003-12/1070234315000#1070234315000">Pound announcement</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2026">CVE-2004-2026</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2026">CVE-2004-2026</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
koon koon

13
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-09.xml vendored
View File

@ -1,16 +1,15 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-09"> <glsa id="200405-09">
<title>ProFTPD Access Control List bypass vulnerability</title> <title>ProFTPD Access Control List bypass vulnerability</title>
<synopsis> <synopsis>
Version 1.2.9 of ProFTPD introduced a vulnerability that causes CIDR-based Version 1.2.9 of ProFTPD introduced a vulnerability that causes CIDR-based
Access Control Lists (ACLs) to be treated as &quot;AllowAll&quot;, thereby Access Control Lists (ACLs) to be treated as "AllowAll", thereby
allowing remote users full access to files available to the FTP daemon. allowing remote users full access to files available to the FTP daemon.
</synopsis> </synopsis>
<product type="ebuild">proftpd</product> <product type="ebuild">proftpd</product>
<announced>May 19, 2004</announced> <announced>2004-05-19</announced>
<revised>May 19, 2004: 01</revised> <revised>2004-05-19: 01</revised>
<bug>49496</bug> <bug>49496</bug>
<access>remote </access> <access>remote </access>
<affected> <affected>
@ -52,11 +51,11 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=net-ftp/proftpd-1.2.9-r2" # emerge -pv "&gt;=net-ftp/proftpd-1.2.9-r2"
# emerge ">=net-ftp/proftpd-1.2.9-r2"</code> # emerge "&gt;=net-ftp/proftpd-1.2.9-r2"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0432">CAN-2004-0432</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0432">CAN-2004-0432</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
klieber klieber

13
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-10.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-10"> <glsa id="200405-10">
<title>Icecast denial of service vulnerability</title> <title>Icecast denial of service vulnerability</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
to crash the application. to crash the application.
</synopsis> </synopsis>
<product type="ebuild">icecast</product> <product type="ebuild">icecast</product>
<announced>May 19, 2004</announced> <announced>2004-05-19</announced>
<revised>May 22, 2006: 02</revised> <revised>2006-05-22: 02</revised>
<bug>50935</bug> <bug>50935</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -51,12 +50,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=net-misc/icecast-2.0.1&quot; # emerge -pv "&gt;=net-misc/icecast-2.0.1"
# emerge &quot;&gt;=net-misc/icecast-2.0.1&quot;</code> # emerge "&gt;=net-misc/icecast-2.0.1"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.xiph.org/archives/icecast/7144.html">Icecast 2.0.1 announcement</uri> <uri link="https://www.xiph.org/archives/icecast/7144.html">Icecast 2.0.1 announcement</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2027">CVE-2004-2027</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2027">CVE-2004-2027</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
koon koon

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-11.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-11"> <glsa id="200405-11">
<title>KDE URI Handler Vulnerabilities</title> <title>KDE URI Handler Vulnerabilities</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
attacks. attacks.
</synopsis> </synopsis>
<product type="ebuild">kdelibs</product> <product type="ebuild">kdelibs</product>
<announced>May 19, 2004</announced> <announced>2004-05-19</announced>
<revised>May 19, 2004: 01</revised> <revised>2004-05-19: 01</revised>
<bug>51276</bug> <bug>51276</bug>
<access>remote </access> <access>remote </access>
<affected> <affected>
@ -64,11 +63,11 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=kde-base/kdelibs-3.2.2-r1" # emerge -pv "&gt;=kde-base/kdelibs-3.2.2-r1"
# emerge ">=kde-base/kdelibs-3.2.2-r1"</code> # emerge "&gt;=kde-base/kdelibs-3.2.2-r1"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0411">CAN-2004-0411</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0411">CAN-2004-0411</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
koon koon

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-12.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-12"> <glsa id="200405-12">
<title>CVS heap overflow vulnerability</title> <title>CVS heap overflow vulnerability</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
compromise. compromise.
</synopsis> </synopsis>
<product type="ebuild">cvs</product> <product type="ebuild">cvs</product>
<announced>May 20, 2004</announced> <announced>2004-05-20</announced>
<revised>May 20, 2004: 01</revised> <revised>2004-05-20: 01</revised>
<bug>51460</bug> <bug>51460</bug>
<access>remote </access> <access>remote </access>
<affected> <affected>
@ -53,12 +52,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=dev-util/cvs-1.11.16" # emerge -pv "&gt;=dev-util/cvs-1.11.16"
# emerge ">=dev-util/cvs-1.11.16"</code> # emerge "&gt;=dev-util/cvs-1.11.16"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://security.e-matters.de/advisories/072004.html">E-matters advisory 07/2004</uri> <uri link="http://security.e-matters.de/advisories/072004.html">E-matters advisory 07/2004</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0396">CAN-2004-0396</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0396">CAN-2004-0396</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
koon koon

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-13.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-13"> <glsa id="200405-13">
<title>neon heap-based buffer overflow</title> <title>neon heap-based buffer overflow</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
been discovered in the neon library. been discovered in the neon library.
</synopsis> </synopsis>
<product type="ebuild">neon</product> <product type="ebuild">neon</product>
<announced>May 20, 2004</announced> <announced>2004-05-20</announced>
<revised>May 20, 2004: 01</revised> <revised>2004-05-20: 01</revised>
<bug>51490</bug> <bug>51490</bug>
<access>remote </access> <access>remote </access>
<affected> <affected>
@ -50,12 +49,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=net-misc/neon-0.24.6" # emerge -pv "&gt;=net-misc/neon-0.24.6"
# emerge ">=net-misc/neon-0.24.6"</code> # emerge "&gt;=net-misc/neon-0.24.6"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://security.e-matters.de/advisories/062004.html">E-matters advisory 06/2004</uri> <uri link="http://security.e-matters.de/advisories/062004.html">E-matters advisory 06/2004</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0398">CAN-2004-0398</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0398">CAN-2004-0398</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
koon koon

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-14.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-14"> <glsa id="200405-14">
<title>Buffer overflow in Subversion</title> <title>Buffer overflow in Subversion</title>
<synopsis> <synopsis>
@ -9,8 +8,8 @@
client and server are vulnerable. client and server are vulnerable.
</synopsis> </synopsis>
<product type="ebuild">subversion</product> <product type="ebuild">subversion</product>
<announced>May 20, 2004</announced> <announced>2004-05-20</announced>
<revised>May 22, 2006: 02</revised> <revised>2006-05-22: 02</revised>
<bug>51462</bug> <bug>51462</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -60,13 +59,13 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=dev-util/subversion-1.0.3&quot; # emerge -pv "&gt;=dev-util/subversion-1.0.3"
# emerge &quot;&gt;=dev-util/subversion-1.0.3&quot;</code> # emerge "&gt;=dev-util/subversion-1.0.3"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://subversion.tigris.org/servlets/ReadMsg?list=announce&amp;msgNo=125">Subversion Announcement</uri> <uri link="http://subversion.tigris.org/servlets/ReadMsg?list=announce&amp;msgNo=125">Subversion Announcement</uri>
<uri link="http://security.e-matters.de/advisories/082004.html">E-Matters Advisory</uri> <uri link="http://security.e-matters.de/advisories/082004.html">E-Matters Advisory</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0397">CVE-2004-0397</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0397">CVE-2004-0397</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
condordes condordes

13
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-15.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-15"> <glsa id="200405-15">
<title>cadaver heap-based buffer overflow</title> <title>cadaver heap-based buffer overflow</title>
<synopsis> <synopsis>
@ -9,8 +8,8 @@
connected to a malicious server. connected to a malicious server.
</synopsis> </synopsis>
<product type="ebuild">cadaver</product> <product type="ebuild">cadaver</product>
<announced>May 20, 2004</announced> <announced>2004-05-20</announced>
<revised>May 20, 2004: 01</revised> <revised>2004-05-20: 01</revised>
<bug>51461</bug> <bug>51461</bug>
<access>remote </access> <access>remote </access>
<affected> <affected>
@ -50,12 +49,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=net-misc/cadaver-0.22.2" # emerge -pv "&gt;=net-misc/cadaver-0.22.2"
# emerge ">=net-misc/cadaver-0.22.2"</code> # emerge "&gt;=net-misc/cadaver-0.22.2"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0398">CAN-2004-0398</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0398">CAN-2004-0398</uri>
<uri link="/security/en/glsa/glsa-200405-13.xml">GLSA 200405-13</uri> <uri link="https://www.gentoo.org/security/en/glsa/glsa-200405-13.xml">GLSA 200405-13</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
koon koon

17
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-16.xml vendored
View File

@ -1,14 +1,13 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-16"> <glsa id="200405-16">
<title>Multiple XSS Vulnerabilities in SquirrelMail</title> <title>Multiple XSS Vulnerabilities in SquirrelMail</title>
<synopsis> <synopsis>
SquirrelMail is subject to several XSS and one SQL injection vulnerability. SquirrelMail is subject to several XSS and one SQL injection vulnerability.
</synopsis> </synopsis>
<product type="ebuild">SquirrelMail</product> <product type="ebuild">SquirrelMail</product>
<announced>May 25, 2004</announced> <announced>2004-05-25</announced>
<revised>May 27, 2006: 04</revised> <revised>2006-05-27: 04</revised>
<bug>49675</bug> <bug>49675</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -54,15 +53,15 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=mail-client/squirrelmail-1.4.3_rc1&quot; # emerge -pv "&gt;=mail-client/squirrelmail-1.4.3_rc1"
# emerge &quot;&gt;=mail-client/squirrelmail-1.4.3_rc1&quot;</code> # emerge "&gt;=mail-client/squirrelmail-1.4.3_rc1"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://sourceforge.net/mailarchive/forum.php?thread_id=4199060&amp;forum_id=1988">SquirrelMail 1.4.3_rc1 release annoucement</uri> <uri link="https://sourceforge.net/mailarchive/forum.php?thread_id=4199060&amp;forum_id=1988">SquirrelMail 1.4.3_rc1 release annoucement</uri>
<uri link="http://www.securityfocus.com/bid/10246/">Bugtraq security annoucement</uri> <uri link="http://www.securityfocus.com/bid/10246/">Bugtraq security annoucement</uri>
<uri link="http://www.cert.org/advisories/CA-2000-02.html">CERT description of XSS</uri> <uri link="https://www.cert.org/advisories/CA-2000-02.html">CERT description of XSS</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0519">CVE-2004-0519</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0519">CVE-2004-0519</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0521">CVE-2004-0521</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0521">CVE-2004-0521</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
jaervosz jaervosz

13
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-17.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-17"> <glsa id="200405-17">
<title>Multiple vulnerabilities in metamail</title> <title>Multiple vulnerabilities in metamail</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
metamail, potentially allowing execution of arbitrary code remotely. metamail, potentially allowing execution of arbitrary code remotely.
</synopsis> </synopsis>
<product type="ebuild">metamail</product> <product type="ebuild">metamail</product>
<announced>May 21, 2004</announced> <announced>2004-05-21</announced>
<revised>May 21, 2004: 01</revised> <revised>2004-05-21: 01</revised>
<bug>42133</bug> <bug>42133</bug>
<access>remote </access> <access>remote </access>
<affected> <affected>
@ -48,12 +47,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=net-mail/metamail-2.7.45.3" # emerge -pv "&gt;=net-mail/metamail-2.7.45.3"
# emerge ">=net-mail/metamail-2.7.45.3"</code> # emerge "&gt;=net-mail/metamail-2.7.45.3"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0104">CAN-2004-0104</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0104">CAN-2004-0104</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0105">CAN-2004-0105</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0105">CAN-2004-0105</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
koon koon

13
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-18.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-18"> <glsa id="200405-18">
<title>Buffer Overflow in Firebird</title> <title>Buffer Overflow in Firebird</title>
<synopsis> <synopsis>
@ -9,8 +8,8 @@
binaries. binaries.
</synopsis> </synopsis>
<product type="ebuild">firebird</product> <product type="ebuild">firebird</product>
<announced>May 23, 2004</announced> <announced>2004-05-23</announced>
<revised>May 22, 2006: 02</revised> <revised>2006-05-22: 02</revised>
<bug>20837</bug> <bug>20837</bug>
<access>local</access> <access>local</access>
<affected> <affected>
@ -52,13 +51,13 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=dev-db/firebird-1.5&quot; # emerge -pv "&gt;=dev-db/firebird-1.5"
# emerge &quot;&gt;=dev-db/firebird-1.5&quot;</code> # emerge "&gt;=dev-db/firebird-1.5"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://securityfocus.com/bid/7546/info/">Bugtraq Security Announcement</uri> <uri link="http://securityfocus.com/bid/7546/info/">Bugtraq Security Announcement</uri>
<uri link=" http://sourceforge.net/tracker/?group_id=9028&amp;atid=109028&amp;func=detail&amp;aid=739480">Sourceforge BugTracker Announcement</uri> <uri link=" https://sourceforge.net/tracker/?group_id=9028&amp;atid=109028&amp;func=detail&amp;aid=739480">Sourceforge BugTracker Announcement</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0281">CVE-2003-0281</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0281">CVE-2003-0281</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
dmargoli dmargoli

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-19.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-19"> <glsa id="200405-19">
<title>Opera telnet URI handler file creation/truncation vulnerability</title> <title>Opera telnet URI handler file creation/truncation vulnerability</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
remote attacker to overwrite arbitrary files. remote attacker to overwrite arbitrary files.
</synopsis> </synopsis>
<product type="ebuild">opera</product> <product type="ebuild">opera</product>
<announced>May 25, 2004</announced> <announced>2004-05-25</announced>
<revised>December 30, 2007: 03</revised> <revised>2007-12-30: 03</revised>
<bug>50857</bug> <bug>50857</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -62,12 +61,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=www-client/opera-7.50_beta1&quot; # emerge -pv "&gt;=www-client/opera-7.50_beta1"
# emerge &quot;&gt;=www-client/opera-7.50_beta1&quot;</code> # emerge "&gt;=www-client/opera-7.50_beta1"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.idefense.com/application/poi/display?id=104&amp;type=vulnerabilities&amp;flashstatus=true">iDEFENSE Security Advisory 05.12.04</uri> <uri link="http://www.idefense.com/application/poi/display?id=104&amp;type=vulnerabilities&amp;flashstatus=true">iDEFENSE Security Advisory 05.12.04</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0473">CVE-2004-0473</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0473">CVE-2004-0473</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
klieber klieber

13
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-20.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-20"> <glsa id="200405-20">
<title>Insecure Temporary File Creation In MySQL</title> <title>Insecure Temporary File Creation In MySQL</title>
<synopsis> <synopsis>
@ -9,8 +8,8 @@
data. data.
</synopsis> </synopsis>
<product type="ebuild">MySQL</product> <product type="ebuild">MySQL</product>
<announced>May 25, 2004</announced> <announced>2004-05-25</announced>
<revised>May 25, 2004: 01</revised> <revised>2004-05-25: 01</revised>
<bug>46242</bug> <bug>46242</bug>
<access>local </access> <access>local </access>
<affected> <affected>
@ -55,12 +54,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=dev-db/mysql-4.0.18-r2" # emerge -pv "&gt;=dev-db/mysql-4.0.18-r2"
# emerge ">=dev-db/mysql-4.0.18-r2"</code> # emerge "&gt;=dev-db/mysql-4.0.18-r2"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0381">CAN-2004-0381</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0381">CAN-2004-0381</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0388">CAN-2004-0388</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0388">CAN-2004-0388</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
dmargoli dmargoli

15
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-21.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-21"> <glsa id="200405-21">
<title>Midnight Commander: Multiple vulnerabilities</title> <title>Midnight Commander: Multiple vulnerabilities</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
including several buffer overflows and string format vulnerabilities. including several buffer overflows and string format vulnerabilities.
</synopsis> </synopsis>
<product type="ebuild">MC</product> <product type="ebuild">MC</product>
<announced>May 26, 2004</announced> <announced>2004-05-26</announced>
<revised>May 26, 2004: 01</revised> <revised>2004-05-26: 01</revised>
<bug>49990</bug> <bug>49990</bug>
<access>local </access> <access>local </access>
<affected> <affected>
@ -53,13 +52,13 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=app-misc/mc-4.6.0-r7 # emerge -pv "&gt;=app-misc/mc-4.6.0-r7
# emerge ">=app-misc/mc-4.6.0-r7"</code> # emerge "&gt;=app-misc/mc-4.6.0-r7"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0226">CAN-2004-0226</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0226">CAN-2004-0226</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0231">CAN-2004-0231</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0231">CAN-2004-0231</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0232">CAN-2004-0232</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0232">CAN-2004-0232</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
jaervosz jaervosz

17
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-22.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-22"> <glsa id="200405-22">
<title>Apache 1.3: Multiple vulnerabilities</title> <title>Apache 1.3: Multiple vulnerabilities</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
Apache 1.3. Apache 1.3.
</synopsis> </synopsis>
<product type="ebuild">Apache</product> <product type="ebuild">Apache</product>
<announced>May 26, 2004</announced> <announced>2004-05-26</announced>
<revised>December 30, 2007: 02</revised> <revised>2007-12-30: 02</revised>
<bug>51815</bug> <bug>51815</bug>
<access>remote </access> <access>remote </access>
<affected> <affected>
@ -68,14 +67,14 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=www-servers/apache-1.3.31" # emerge -pv "&gt;=www-servers/apache-1.3.31"
# emerge ">=www-servers/apache-1.3.31"</code> # emerge "&gt;=www-servers/apache-1.3.31"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0993">CAN-2003-0993</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0993">CAN-2003-0993</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020">CAN-2003-0020</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020">CAN-2003-0020</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987">CAN-2003-0987</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987">CAN-2003-0987</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174">CAN-2004-0174</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174">CAN-2004-0174</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
jaervosz jaervosz

13
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-23.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-23"> <glsa id="200405-23">
<title>Heimdal: Kerberos 4 buffer overflow in kadmin</title> <title>Heimdal: Kerberos 4 buffer overflow in kadmin</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
discovered. discovered.
</synopsis> </synopsis>
<product type="ebuild">Heimdal</product> <product type="ebuild">Heimdal</product>
<announced>May 27, 2004</announced> <announced>2004-05-27</announced>
<revised>May 27, 2004: 01</revised> <revised>2004-05-27: 01</revised>
<bug>50208</bug> <bug>50208</bug>
<access>remote </access> <access>remote </access>
<affected> <affected>
@ -50,12 +49,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=app-crypt/heimdal-0.6.2" # emerge -pv "&gt;=app-crypt/heimdal-0.6.2"
# emerge ">=app-crypt/heimdal-0.6.2"</code> # emerge "&gt;=app-crypt/heimdal-0.6.2"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.pdc.kth.se/heimdal/advisory/2004-05-06/">Heimdal 0.6.2 Release Notice</uri> <uri link="https://www.pdc.kth.se/heimdal/advisory/2004-05-06/">Heimdal 0.6.2 Release Notice</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0434">CAN-2004-0434</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0434">CAN-2004-0434</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
jaervosz jaervosz

15
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-24.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-24"> <glsa id="200405-24">
<title>MPlayer, xine-lib: vulnerabilities in RTSP stream handling</title> <title>MPlayer, xine-lib: vulnerabilities in RTSP stream handling</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
have been found in code common to MPlayer and the xine library. have been found in code common to MPlayer and the xine library.
</synopsis> </synopsis>
<product type="ebuild">mplayer</product> <product type="ebuild">mplayer</product>
<announced>May 28, 2004</announced> <announced>2004-05-28</announced>
<revised>May 28, 2004: 01</revised> <revised>2004-05-28: 01</revised>
<bug>49387</bug> <bug>49387</bug>
<access>remote </access> <access>remote </access>
<affected> <affected>
@ -61,15 +60,15 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=media-video/mplayer-1.0_pre4" # emerge -pv "&gt;=media-video/mplayer-1.0_pre4"
# emerge ">=media-video/mplayer-1.0_pre4" # emerge "&gt;=media-video/mplayer-1.0_pre4"
# emerge -pv ">=media-libs/xine-lib-1_rc4" # emerge -pv "&gt;=media-libs/xine-lib-1_rc4"
# emerge ">=media-libs/xine-lib-1_rc4"</code> # emerge "&gt;=media-libs/xine-lib-1_rc4"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://xinehq.de/index.php/security/XSA-2004-3">Xine security advisory</uri> <uri link="http://xinehq.de/index.php/security/XSA-2004-3">Xine security advisory</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0433">CAN-2004-0433</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0433">CAN-2004-0433</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
koon koon

13
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200405-25.xml vendored
View File

@ -1,14 +1,13 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200405-25"> <glsa id="200405-25">
<title>tla: Multiple vulnerabilities in included libneon</title> <title>tla: Multiple vulnerabilities in included libneon</title>
<synopsis> <synopsis>
tla includes a vulnerable version of the neon library. tla includes a vulnerable version of the neon library.
</synopsis> </synopsis>
<product type="ebuild">tla</product> <product type="ebuild">tla</product>
<announced>May 30, 2004</announced> <announced>2004-05-30</announced>
<revised>June 02, 2004: 02</revised> <revised>2004-06-02: 02</revised>
<bug>51586</bug> <bug>51586</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -50,12 +49,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=dev-util/tla-1.2-r2" # emerge -pv "&gt;=dev-util/tla-1.2-r2"
# emerge ">=dev-util/tla-1.2-r2"</code> # emerge "&gt;=dev-util/tla-1.2-r2"</code>
</resolution> </resolution>
<references> <references>
<uri link="/security/en/glsa/glsa-200405-01.xml">GLSA 200405-01</uri> <uri link="https://www.gentoo.org/security/en/glsa/glsa-200405-01.xml">GLSA 200405-01</uri>
<uri link="/security/en/glsa/glsa-200405-13.xml">GLSA 200405-13</uri> <uri link="https://www.gentoo.org/security/en/glsa/glsa-200405-13.xml">GLSA 200405-13</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
jaervosz jaervosz

19
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200406-01.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200406-01"> <glsa id="200406-01">
<title>Ethereal: Multiple security problems</title> <title>Ethereal: Multiple security problems</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
which may allow an attacker to run arbitrary code or crash the program. which may allow an attacker to run arbitrary code or crash the program.
</synopsis> </synopsis>
<product type="ebuild">Ethereal</product> <product type="ebuild">Ethereal</product>
<announced>June 04, 2004</announced> <announced>2004-06-04</announced>
<revised>May 22, 2006: 02</revised> <revised>2006-05-22: 02</revised>
<bug>51022</bug> <bug>51022</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -48,7 +47,7 @@
<workaround> <workaround>
<p> <p>
For a temporary workaround you can disable all affected protocol For a temporary workaround you can disable all affected protocol
dissectors by selecting Analyze->Enabled Protocols... and deselecting dissectors by selecting Analyze-&gt;Enabled Protocols... and deselecting
them from the list. However, it is strongly recommended to upgrade to them from the list. However, it is strongly recommended to upgrade to
the latest stable release. the latest stable release.
</p> </p>
@ -60,15 +59,15 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=net-analyzer/ethereal-0.10.4&quot; # emerge -pv "&gt;=net-analyzer/ethereal-0.10.4"
# emerge &quot;&gt;=net-analyzer/ethereal-0.10.4&quot;</code> # emerge "&gt;=net-analyzer/ethereal-0.10.4"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.ethereal.com/appnotes/enpa-sa-00014.html">Ethereal enpa-sa-00014</uri> <uri link="http://www.ethereal.com/appnotes/enpa-sa-00014.html">Ethereal enpa-sa-00014</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0504">CVE-2004-0504</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0504">CVE-2004-0504</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0505">CVE-2004-0505</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0505">CVE-2004-0505</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0506">CVE-2004-0506</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0506">CVE-2004-0506</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0507">CVE-2004-0507</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0507">CVE-2004-0507</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
jaervosz jaervosz

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200406-02.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200406-02"> <glsa id="200406-02">
<title>tripwire: Format string vulnerability</title> <title>tripwire: Format string vulnerability</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
circumstances has been found. circumstances has been found.
</synopsis> </synopsis>
<product type="ebuild">tripwire</product> <product type="ebuild">tripwire</product>
<announced>June 04, 2004</announced> <announced>2004-06-04</announced>
<revised>May 22, 2006: 02</revised> <revised>2006-05-22: 02</revised>
<bug>52945</bug> <bug>52945</bug>
<access>local</access> <access>local</access>
<affected> <affected>
@ -48,12 +47,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=app-admin/tripwire-2.3.1.2-r1&quot; # emerge -pv "&gt;=app-admin/tripwire-2.3.1.2-r1"
# emerge &quot;&gt;=app-admin/tripwire-2.3.1.2-r1&quot;</code> # emerge "&gt;=app-admin/tripwire-2.3.1.2-r1"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.securityfocus.com/archive/1/365036/2004-05-31/2004-06-06/0">Bugtraq Announcement</uri> <uri link="http://www.securityfocus.com/archive/1/365036/2004-05-31/2004-06-06/0">Bugtraq Announcement</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0536">CVE-2004-0536</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0536">CVE-2004-0536</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
jaervosz jaervosz

13
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200406-03.xml vendored
View File

@ -1,14 +1,13 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200406-03"> <glsa id="200406-03">
<title>sitecopy: Multiple vulnerabilities in included libneon</title> <title>sitecopy: Multiple vulnerabilities in included libneon</title>
<synopsis> <synopsis>
sitecopy includes a vulnerable version of the neon library. sitecopy includes a vulnerable version of the neon library.
</synopsis> </synopsis>
<product type="ebuild">sitecopy</product> <product type="ebuild">sitecopy</product>
<announced>June 05, 2004</announced> <announced>2004-06-05</announced>
<revised>August 15, 2004: 04</revised> <revised>2004-08-15: 04</revised>
<bug>51585</bug> <bug>51585</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -51,12 +50,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=net-misc/sitecopy-0.13.4-r2" # emerge -pv "&gt;=net-misc/sitecopy-0.13.4-r2"
# emerge ">=net-misc/sitecopy-0.13.4-r2"</code> # emerge "&gt;=net-misc/sitecopy-0.13.4-r2"</code>
</resolution> </resolution>
<references> <references>
<uri link="/security/en/glsa/glsa-200405-01.xml">GLSA 200405-01</uri> <uri link="https://www.gentoo.org/security/en/glsa/glsa-200405-01.xml">GLSA 200405-01</uri>
<uri link="/security/en/glsa/glsa-200405-13.xml">GLSA 200405-13</uri> <uri link="https://www.gentoo.org/security/en/glsa/glsa-200405-13.xml">GLSA 200405-13</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
jaervosz jaervosz

13
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200406-04.xml vendored
View File

@ -1,14 +1,13 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200406-04"> <glsa id="200406-04">
<title>Mailman: Member password disclosure vulnerability</title> <title>Mailman: Member password disclosure vulnerability</title>
<synopsis> <synopsis>
Mailman contains a bug allowing 3rd parties to retrieve member passwords. Mailman contains a bug allowing 3rd parties to retrieve member passwords.
</synopsis> </synopsis>
<product type="ebuild">mailman</product> <product type="ebuild">mailman</product>
<announced>June 09, 2004</announced> <announced>2004-06-09</announced>
<revised>June 09, 2004: 01</revised> <revised>2004-06-09: 01</revised>
<bug>51671</bug> <bug>51671</bug>
<access>remote </access> <access>remote </access>
<affected> <affected>
@ -47,12 +46,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=net-mail/mailman-2.1.5" # emerge -pv "&gt;=net-mail/mailman-2.1.5"
# emerge ">=net-mail/mailman-2.1.5"</code> # emerge "&gt;=net-mail/mailman-2.1.5"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://mail.python.org/pipermail/mailman-announce/2004-May/000072.html">Mailman 2.1.5 Release Announcement</uri> <uri link="https://mail.python.org/pipermail/mailman-announce/2004-May/000072.html">Mailman 2.1.5 Release Announcement</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0412">CAN-2004-0412</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0412">CAN-2004-0412</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
jaervosz jaervosz

17
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200406-05.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200406-05"> <glsa id="200406-05">
<title>Apache: Buffer overflow in mod_ssl</title> <title>Apache: Buffer overflow in mod_ssl</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
Apache is configured a certain way. Apache is configured a certain way.
</synopsis> </synopsis>
<product type="ebuild">Apache</product> <product type="ebuild">Apache</product>
<announced>June 09, 2004</announced> <announced>2004-06-09</announced>
<revised>December 30, 2007: 03</revised> <revised>2007-12-30: 03</revised>
<bug>51368</bug> <bug>51368</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -42,7 +41,7 @@
<p> <p>
Given the right server configuration, an attacker could cause a Denial of Given the right server configuration, an attacker could cause a Denial of
Service or execute code as the user running Apache, usually Service or execute code as the user running Apache, usually
&quot;apache&quot;. It is thought to be impossible to exploit this to "apache". It is thought to be impossible to exploit this to
execute code on the x86 platform, but the possibility for other platforms execute code on the x86 platform, but the possibility for other platforms
is unknown. This does not preclude a DoS on x86 systems. is unknown. This does not preclude a DoS on x86 systems.
</p> </p>
@ -60,19 +59,19 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=net-www/mod_ssl-2.8.18" # emerge -pv "&gt;=net-www/mod_ssl-2.8.18"
# emerge ">=net-www/mod_ssl-2.8.18"</code> # emerge "&gt;=net-www/mod_ssl-2.8.18"</code>
<p> <p>
Apache 2.x users should upgrade to the latest version of Apache: Apache 2.x users should upgrade to the latest version of Apache:
</p> </p>
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=www-servers/apache-2.0.49-r3" # emerge -pv "&gt;=www-servers/apache-2.0.49-r3"
# emerge ">=www-servers/apache-2.0.49-r3"</code> # emerge "&gt;=www-servers/apache-2.0.49-r3"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0488">CAN-2004-0488</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0488">CAN-2004-0488</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
dmargoli dmargoli

21
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200406-06.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200406-06"> <glsa id="200406-06">
<title>CVS: additional DoS and arbitrary code execution vulnerabilities</title> <title>CVS: additional DoS and arbitrary code execution vulnerabilities</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
an attacker to remotely compromise a CVS server. an attacker to remotely compromise a CVS server.
</synopsis> </synopsis>
<product type="ebuild">CVS</product> <product type="ebuild">CVS</product>
<announced>June 10, 2004</announced> <announced>2004-06-10</announced>
<revised>June 10, 2004: 01</revised> <revised>2004-06-10: 01</revised>
<bug>53408</bug> <bug>53408</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -31,8 +30,8 @@
vulnerabilities including: vulnerabilities including:
</p> </p>
<ul> <ul>
<li>no-null-termination of &quot;Entry&quot; lines</li> <li>no-null-termination of "Entry" lines</li>
<li>error_prog_name &quot;double-free()&quot;</li> <li>error_prog_name "double-free()"</li>
<li>Argument integer overflow</li> <li>Argument integer overflow</li>
<li>serve_notify() out of bounds writes</li> <li>serve_notify() out of bounds writes</li>
</ul> </ul>
@ -56,15 +55,15 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=dev-util/cvs-1.11.17" # emerge -pv "&gt;=dev-util/cvs-1.11.17"
# emerge ">=dev-util/cvs-1.11.17"</code> # emerge "&gt;=dev-util/cvs-1.11.17"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://security.e-matters.de/advisories/092004.html">E-matters Advisory 09/2004</uri> <uri link="http://security.e-matters.de/advisories/092004.html">E-matters Advisory 09/2004</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0414">CAN-2004-0414</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0414">CAN-2004-0414</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416">CAN-2004-0416</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416">CAN-2004-0416</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0417">CAN-2004-0417</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0417">CAN-2004-0417</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0418">CAN-2004-0418</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0418">CAN-2004-0418</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
jaervosz jaervosz

15
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200406-07.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200406-07"> <glsa id="200406-07">
<title>Subversion: Remote heap overflow</title> <title>Subversion: Remote heap overflow</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
exploitable to execute arbitrary code on the server running svnserve. exploitable to execute arbitrary code on the server running svnserve.
</synopsis> </synopsis>
<product type="ebuild">dev-util/subversion</product> <product type="ebuild">dev-util/subversion</product>
<announced>June 10, 2004</announced> <announced>2004-06-10</announced>
<revised>June 10, 2004: 01</revised> <revised>2004-06-10: 01</revised>
<access>remote</access> <access>remote</access>
<affected> <affected>
<package name="dev-util/subversion" auto="yes" arch="*"> <package name="dev-util/subversion" auto="yes" arch="*">
@ -19,8 +18,8 @@
</affected> </affected>
<background> <background>
<p> <p>
Subversion is a revision control system that aims to be a &quot;compelling Subversion is a revision control system that aims to be a "compelling
replacement for CVS&quot;. It enjoys wide use in the open source community. replacement for CVS". It enjoys wide use in the open source community.
svnserve allows access to Subversion repositories using URIs with the svnserve allows access to Subversion repositories using URIs with the
svn://, svn+ssh://, and other tunelled svn+*:// protocols. svn://, svn+ssh://, and other tunelled svn+*:// protocols.
</p> </p>
@ -58,11 +57,11 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=dev-util/subversion-1.0.4-r1" # emerge -pv "&gt;=dev-util/subversion-1.0.4-r1"
# emerge ">=dev-util/subversion-1.0.4-r1"</code> # emerge "&gt;=dev-util/subversion-1.0.4-r1"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0413">CAN-2004-0413</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0413">CAN-2004-0413</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
dmargoli dmargoli

13
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200406-08.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200406-08"> <glsa id="200406-08">
<title>Squirrelmail: Another XSS vulnerability</title> <title>Squirrelmail: Another XSS vulnerability</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
compromise of webmail accounts. compromise of webmail accounts.
</synopsis> </synopsis>
<product type="ebuild">Squirrelmail</product> <product type="ebuild">Squirrelmail</product>
<announced>June 15, 2004</announced> <announced>2004-06-15</announced>
<revised>May 22, 2006: 02</revised> <revised>2006-05-22: 02</revised>
<bug>52434</bug> <bug>52434</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -51,13 +50,13 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=mail-client/squirrelmail-1.4.3&quot; # emerge -pv "&gt;=mail-client/squirrelmail-1.4.3"
# emerge &quot;&gt;=mail-client/squirrelmail-1.4.3&quot;</code> # emerge "&gt;=mail-client/squirrelmail-1.4.3"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt">RS-Labs Advisory</uri> <uri link="http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt">RS-Labs Advisory</uri>
<uri link="http://www.cert.org/advisories/CA-2000-02.html">CERT description of XSS</uri> <uri link="https://www.cert.org/advisories/CA-2000-02.html">CERT description of XSS</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0520">CVE-2004-0520</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0520">CVE-2004-0520</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
jaervosz jaervosz

9
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200406-09.xml vendored
View File

@ -1,14 +1,13 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200406-09"> <glsa id="200406-09">
<title>Horde-Chora: Remote code execution</title> <title>Horde-Chora: Remote code execution</title>
<synopsis> <synopsis>
A vulnerability in Chora allows remote code execution and file upload. A vulnerability in Chora allows remote code execution and file upload.
</synopsis> </synopsis>
<product type="ebuild">www-apps/horde-chora</product> <product type="ebuild">www-apps/horde-chora</product>
<announced>June 15, 2004</announced> <announced>2004-06-15</announced>
<revised>December 30, 2007: 02</revised> <revised>2007-12-30: 02</revised>
<bug>53800</bug> <bug>53800</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -49,8 +48,8 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv ">=www-apps/horde-chora-1.2.2" # emerge -pv "&gt;=www-apps/horde-chora-1.2.2"
# emerge ">=www-apps/horde-chora-1.2.2"</code> # emerge "&gt;=www-apps/horde-chora-1.2.2"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://security.e-matters.de/advisories/102004.html">e-matters Advisory</uri> <uri link="http://security.e-matters.de/advisories/102004.html">e-matters Advisory</uri>

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200406-10.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200406-10"> <glsa id="200406-10">
<title>Gallery: Privilege escalation vulnerability</title> <title>Gallery: Privilege escalation vulnerability</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
allow an attacker to gain administrator privileges within Gallery. allow an attacker to gain administrator privileges within Gallery.
</synopsis> </synopsis>
<product type="ebuild">gallery</product> <product type="ebuild">gallery</product>
<announced>June 15, 2004</announced> <announced>2004-06-15</announced>
<revised>May 22, 2006: 02</revised> <revised>2006-05-22: 02</revised>
<bug>52798</bug> <bug>52798</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -53,12 +52,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=www-apps/gallery-1.4.3_p2&quot; # emerge -pv "&gt;=www-apps/gallery-1.4.3_p2"
# emerge &quot;&gt;=www-apps/gallery-1.4.3_p2&quot;</code> # emerge "&gt;=www-apps/gallery-1.4.3_p2"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://gallery.menalto.com/modules.php?op=modload&amp;name=News&amp;file=article&amp;sid=123&amp;mode=thread&amp;order=0&amp;thold=0">Gallery Announcement</uri> <uri link="http://gallery.menalto.com/modules.php?op=modload&amp;name=News&amp;file=article&amp;sid=123&amp;mode=thread&amp;order=0&amp;thold=0">Gallery Announcement</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0522">CVE-2004-0522</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0522">CVE-2004-0522</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
condordes condordes

11
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200406-11.xml vendored
View File

@ -1,14 +1,13 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200406-11"> <glsa id="200406-11">
<title>Horde-IMP: Input validation vulnerability</title> <title>Horde-IMP: Input validation vulnerability</title>
<synopsis> <synopsis>
An input validation vulnerability has been discovered in Horde-IMP. An input validation vulnerability has been discovered in Horde-IMP.
</synopsis> </synopsis>
<product type="ebuild">horde-imp</product> <product type="ebuild">horde-imp</product>
<announced>June 16, 2004</announced> <announced>2004-06-16</announced>
<revised>May 22, 2006: 02</revised> <revised>2006-05-22: 02</revised>
<bug>53862</bug> <bug>53862</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -49,12 +48,12 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=www-apps/horde-imp-3.2.4&quot; # emerge -pv "&gt;=www-apps/horde-imp-3.2.4"
# emerge &quot;&gt;=www-apps/horde-imp-3.2.4&quot;</code> # emerge "&gt;=www-apps/horde-imp-3.2.4"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.securityfocus.com/bid/10501">Bugtraq Announcement</uri> <uri link="http://www.securityfocus.com/bid/10501">Bugtraq Announcement</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0584">CVE-2004-0584</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0584">CVE-2004-0584</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
jaervosz jaervosz

13
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-200406-12.xml vendored
View File

@ -1,6 +1,5 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200406-12"> <glsa id="200406-12">
<title>Webmin: Multiple vulnerabilities</title> <title>Webmin: Multiple vulnerabilities</title>
<synopsis> <synopsis>
@ -8,8 +7,8 @@
of Service attack and information disclosure. of Service attack and information disclosure.
</synopsis> </synopsis>
<product type="ebuild">webmin</product> <product type="ebuild">webmin</product>
<announced>June 16, 2004</announced> <announced>2004-06-16</announced>
<revised>May 22, 2006: 02</revised> <revised>2006-05-22: 02</revised>
<bug>53375</bug> <bug>53375</bug>
<access>remote</access> <access>remote</access>
<affected> <affected>
@ -52,14 +51,14 @@
<code> <code>
# emerge sync # emerge sync
# emerge -pv &quot;&gt;=app-admin/app-admin/webmin-1.150&quot; # emerge -pv "&gt;=app-admin/app-admin/webmin-1.150"
# emerge &quot;&gt;=app-admin/app-admin/webmin-1.150&quot;</code> # emerge "&gt;=app-admin/app-admin/webmin-1.150"</code>
</resolution> </resolution>
<references> <references>
<uri link="http://www.securityfocus.com/bid/10474">Bugtraq Announcement</uri> <uri link="http://www.securityfocus.com/bid/10474">Bugtraq Announcement</uri>
<uri link="http://www.webmin.com/changes-1.150.html">Webmin Changelog</uri> <uri link="http://www.webmin.com/changes-1.150.html">Webmin Changelog</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0582">CVE-2004-0582</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0582">CVE-2004-0582</uri>
<uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0583">CVE-2004-0583</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0583">CVE-2004-0583</uri>
</references> </references>
<metadata tag="submitter"> <metadata tag="submitter">
jaervosz jaervosz

Some files were not shown because too many files have changed in this diff Show More