mirror of
https://github.com/flatcar/scripts.git
synced 2025-08-17 18:06:59 +02:00
David Michael
GitHub
commit
96b7aaa7b2
@ -1,23 +1,23 @@
|
||||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA512
|
||||
|
||||
MANIFEST Manifest.files.gz 421068 BLAKE2B 7dadce7e4b041a3441a6b63ed7a860af4bdcb72f0c20dfbfdd9e4fb6e577a48f6a4fcb0599fba15eed3a96fa7c8c225773cd2e3d3942a286fd74ab527c15651e SHA512 acf6ff1943f0998753e92be7360ecf6e135b838a2681d49f8c91bef5155aaca01686c562e9e52ce269826b172b3f86851233b7716507c7b52394116ff6101c02
|
||||
TIMESTAMP 2018-04-10T15:38:31Z
|
||||
MANIFEST Manifest.files.gz 421384 BLAKE2B bfbe5e356f9fb5467472e01b9ffa4c7ab788e49c049d40c7633dfa4d2ebb5c4bf4f92a4fa43049b85dad5d10c593ecd0e243ea7c1975e84055fc34386f72a4e8 SHA512 f0c1e1729862aec592153456994003bbdbb8f9bff919d3e8a74ef963808bc6065be99f22297469abc9678fd65da4c09918d0a860c5e2f27c193f04efea6f9560
|
||||
TIMESTAMP 2018-04-16T16:38:37Z
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAlrM2ndfFIAAAAAALgAo
|
||||
iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAlrU0Y1fFIAAAAAALgAo
|
||||
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
|
||||
RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
|
||||
klBM2hAAhxjdROZlLwG2CxokiwKkVTLMepPK80nnhs85wEgE/DD4+zDo7qeKsRvi
|
||||
24x/hzxUrr+B82GoEGK6nhCq90CCj54FMZNu+3csa8T8JaFJrzJ+HAU6iNtfdKjE
|
||||
vMsE6Vdvehx6pgTEmVXrcc0iGQHKu8FNItd4z6MXvQg6s7UUJqdhw+mIV1t7jOB3
|
||||
rbGrzpYFgn1fZggmRrhIk82Lf3cTlSe5AU5/3625wrYpNUkYzS0cgkIA+vTjWo0N
|
||||
2bOpNXSJQobx1mILAivJHyjcz2TU38Po63soohfjyj1qpDF1FNKcYaidbR7ytFXS
|
||||
V3NmV0eoXmstXDMBsH1r01YtVxs6zpHSWkoZDEZTixGGxhJdPqyO0eQo1fCzCg0k
|
||||
AlIDdmNkfZAJiguSz8ZOjhIbhBrED7jyxl7q6bkfzC99rJwLSHeXk4h9bsGNdcFG
|
||||
WKByqf2HACL8J+XRpiwUX/lF8YxQ6PkXr3fWi4/i6zrGMa/Mu2U+RKDzFEHTTbXc
|
||||
nPuk4fY8aQt1FCXIjqBWUmhy4S/8VFCYKzru+s7NWNxFQsTzVXA8A5E4/KxOO4Ui
|
||||
jkUACXpPNWH/wAN55j5kZ4GwfvNDhQZ2Q/kiQAAWkcKUoYrQVrfB/gPy+eTTfa6N
|
||||
naEOmfnrFKuN0C0rYr6iLloS79cwvVSqZw2IjNsrcvAB7anhlUM=
|
||||
=iVON
|
||||
klBfbA/+II6sFbYzfmHBo4ga8eobS/m9HvPovkJSupaE/CJ52UMKsqp18Zr8Ja27
|
||||
WRGo6T1onvi916MCzxFgxXNoUQfGMOaXAecOEZUyQ+DlzGtXB7c8u1scUojzgG/0
|
||||
FtUEjMr5MUhbvj47OcbGrpnXY6eJEHwMbp/rQuftVORG1+e296B4bihALfpzP9J2
|
||||
6nb/Oby8qGY4eXOhENW6s2+U1f5AAYggvxssKxQ+WK24rxPIRKIQn/8jACwdaDyx
|
||||
YLyL+TXj4JFZ3HTjgDDn44aG1M2fkk/qViWpLw+F1jTaYmNUHUSk57aNtv6z15Yp
|
||||
7V5cBz+No2gJNPaz2BtIAQw7NhYFV78I1tiQ9FqpB+jPmeBDerhKz/6dcNyekwSk
|
||||
bGerQHuyO7SRhF+JWrust1OuKcn8z9b8WvV1XpWZo1eQuTSqU6JPFQWaBpVT7+CS
|
||||
Zb5YBIZuqKyvEwhx8LT7osCDX8cXq4AsRfRJ+PwUL1Eh3dRjPCDURW+0SrYKb+xf
|
||||
ppzUCJhQjk0iigYsow5d6v03pionjkl4xZWBBetnyGvH3lpb85AylEHCDbhLOx9z
|
||||
/zM5y3mOl2AddyVQkvEyCDy4z42MjE5gxSAoA4ixjwuFtYsCqrdoa4kotksPhPP5
|
||||
52d8oLEf3GvMNMxzILDBdkL6i2amqipA3q0MEyiB/2CblWsBccw=
|
||||
=AM/3
|
||||
-----END PGP SIGNATURE-----
|
||||
|
||||
Binary file not shown.
61
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201804-11.xml
vendored
Normal file
61
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201804-11.xml
vendored
Normal file
@ -0,0 +1,61 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
|
||||
<glsa id="201804-11">
|
||||
<title>Adobe Flash Player: Multiple vulnerabilities</title>
|
||||
<synopsis>Multiple vulnerabilities have been found in Adobe Flash Player, the
|
||||
worst of which allows remote attackers to execute arbitrary code.
|
||||
</synopsis>
|
||||
<product type="ebuild">flash</product>
|
||||
<announced>2018-04-11</announced>
|
||||
<revised count="1">2018-04-11</revised>
|
||||
<bug>652960</bug>
|
||||
<access>remote</access>
|
||||
<affected>
|
||||
<package name="www-plugins/adobe-flash" auto="yes" arch="*">
|
||||
<unaffected range="ge">29.0.0.140</unaffected>
|
||||
<vulnerable range="lt">29.0.0.140</vulnerable>
|
||||
</package>
|
||||
</affected>
|
||||
<background>
|
||||
<p>The Adobe Flash Player is a renderer for the SWF file format, which is
|
||||
commonly used to provide interactive websites.
|
||||
</p>
|
||||
</background>
|
||||
<description>
|
||||
<p>Multiple vulnerabilities have been discovered in Adobe Flash Player.
|
||||
Please review the CVE identifiers referenced below for details.
|
||||
</p>
|
||||
</description>
|
||||
<impact type="high">
|
||||
<p>A remote attacker could possibly execute arbitrary code with the
|
||||
privileges of the process, disclose sensitive information or bypass
|
||||
security restrictions.
|
||||
</p>
|
||||
</impact>
|
||||
<workaround>
|
||||
<p>There is no known workaround at this time.</p>
|
||||
</workaround>
|
||||
<resolution>
|
||||
<p>All Adobe Flash users should upgrade to the latest version:</p>
|
||||
|
||||
<code>
|
||||
# emerge --sync
|
||||
# emerge --ask --oneshot --verbose
|
||||
">=www-plugins/adobe-flash-29.0.0.140"
|
||||
</code>
|
||||
|
||||
</resolution>
|
||||
<references>
|
||||
<uri link="https://helpx.adobe.com/security/products/flash-player/apsb18-08.html">
|
||||
APSB18-08
|
||||
</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-4932">CVE-2018-4932</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-4933">CVE-2018-4933</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-4934">CVE-2018-4934</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-4935">CVE-2018-4935</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-4936">CVE-2018-4936</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-4937">CVE-2018-4937</uri>
|
||||
</references>
|
||||
<metadata tag="requester" timestamp="2018-04-11T11:03:48Z">whissi</metadata>
|
||||
<metadata tag="submitter" timestamp="2018-04-11T20:08:20Z">whissi</metadata>
|
||||
</glsa>
|
||||
50
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201804-12.xml
vendored
Normal file
50
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201804-12.xml
vendored
Normal file
@ -0,0 +1,50 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
|
||||
<glsa id="201804-12">
|
||||
<title>Go: Arbitrary code execution</title>
|
||||
<synopsis>A vulnerability in Go allows remote attackers to execute arbitrary
|
||||
commands.
|
||||
</synopsis>
|
||||
<product type="ebuild">go</product>
|
||||
<announced>2018-04-15</announced>
|
||||
<revised count="1">2018-04-15</revised>
|
||||
<bug>650014</bug>
|
||||
<access>remote</access>
|
||||
<affected>
|
||||
<package name="dev-lang/go" auto="yes" arch="*">
|
||||
<unaffected range="ge">1.10.1</unaffected>
|
||||
<vulnerable range="lt">1.10.1</vulnerable>
|
||||
</package>
|
||||
</affected>
|
||||
<background>
|
||||
<p>Go is an open source programming language that makes it easy to build
|
||||
simple, reliable, and efficient software.
|
||||
</p>
|
||||
</background>
|
||||
<description>
|
||||
<p>A vulnerability in Go was discovered which does not validate the import
|
||||
path of remote repositories.
|
||||
</p>
|
||||
</description>
|
||||
<impact type="normal">
|
||||
<p>Remote attackers, by enticing a user to import from a crafted website,
|
||||
could execute arbitrary commands.
|
||||
</p>
|
||||
</impact>
|
||||
<workaround>
|
||||
<p>There is no known workaround at this time.</p>
|
||||
</workaround>
|
||||
<resolution>
|
||||
<p>All Go users should upgrade to the latest version:</p>
|
||||
|
||||
<code>
|
||||
# emerge --sync
|
||||
# emerge --ask --oneshot --verbose ">=dev-lang/go-1.10.1"
|
||||
</code>
|
||||
</resolution>
|
||||
<references>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-7187">CVE-2018-7187</uri>
|
||||
</references>
|
||||
<metadata tag="requester" timestamp="2018-04-14T16:24:01Z">b-man</metadata>
|
||||
<metadata tag="submitter" timestamp="2018-04-15T23:23:53Z">b-man</metadata>
|
||||
</glsa>
|
||||
@ -1 +1 @@
|
||||
Tue, 10 Apr 2018 15:38:27 +0000
|
||||
Mon, 16 Apr 2018 16:38:33 +0000
|
||||
|
||||
@ -1 +1 @@
|
||||
6d341a6c00fd52a41ddaf7e932d941b6c7f9bf88 1523293654 2018-04-09T17:07:34+00:00
|
||||
aa26a212e36fbca3a9091a00250a459fd6576eae 1523834733 2018-04-15T23:25:33+00:00
|
||||
|
||||
Loading…
Reference in New Issue
Block a user