From c248dc8b8d2dce763f784bceae1c8b500b41bf17 Mon Sep 17 00:00:00 2001
From: David Michael <dm0@redhat.com>
Date: Wed, 20 Mar 2019 14:34:56 +0000
Subject: [PATCH] bump(metadata/glsa): sync with upstream

---
 .../portage-stable/metadata/glsa/Manifest     |  30 +++++-----
 .../metadata/glsa/Manifest.files.gz           | Bin 437590 -> 437750 bytes
 .../metadata/glsa/glsa-201903-16.xml          |  54 ++++++++++++++++++
 .../metadata/glsa/timestamp.chk               |   2 +-
 .../metadata/glsa/timestamp.commit            |   2 +-
 5 files changed, 71 insertions(+), 17 deletions(-)
 create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201903-16.xml

diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest b/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest
index 7ad3d4e290..fc9db89f9a 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest
@@ -1,23 +1,23 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA512
 
-MANIFEST Manifest.files.gz 437590 BLAKE2B 89b5299a2ae5909a2f126e7d079e486a46a84b314ae3fd8e955c116ff1469671110300e3034ae816a3f8d7760ff951864b0f6a2ea8e63f69093f03e040aaa3f5 SHA512 af2b9c5421b1ff957533cc161bb0347cbaa2e3e90c9069b5b7e6141ce2a943b1cc971aacd34224e34915a04db19e7b1d06ff5519de5e8c67f4753e7fc7157bf3
-TIMESTAMP 2019-03-19T13:08:41Z
+MANIFEST Manifest.files.gz 437750 BLAKE2B e4c6b7d5ec709b50478a92e61fd043c3784eb62915f4d39921a1c91a36627c315752406124b99ad4af39a3380f0f1c4b9ccabb34323d36427251a04d374298bd SHA512 31716069b15e65375ed6e961b9459069e7ce8ef8e807f89b733a3fd83d7d24cc1a5166f4e9df1134d130ee61e231e8958fee715eba64b4e57349f5a4b6f22879
+TIMESTAMP 2019-03-20T14:08:40Z
 -----BEGIN PGP SIGNATURE-----
 
-iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAlyQ6dlfFIAAAAAALgAo
+iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAlySSWhfFIAAAAAALgAo
 aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
 RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
-klCiIxAAtD8h+ihAUDvqNvCC9SdERlHiKbmJk96TjCAugmmp8BSF9AMOa7YktfUR
-yfNqRUI2kG5hBz9OxV3ll1NyIB8knAoBnYEZsCSqCuCM1UXdiolduYy+bWrXeN57
-f5VtmkPXhCJEfDbURbCMBkraAVOYbBjV5f3P80zmmKgRawMOiQLAtDGSBgfDDWue
-83ILR2ZANa+GCluDVEe9Y5+50D5ydKCdWFDD7YOC5gpM/98Yj4idOguQV1IBA0dv
-9VPtH1amWCmmuYuPgkHAzyQpYAKFeWGZaCbaHVkhDPv15/BS05zKMqWbTCYcC14C
-nn3JBR8tPPR135NG1n9skFg/ycTcfaJfkqZ1Mweh5NrJzsass9qEGMIK7sNsclcF
-90SONSRWPzwasHtLoTs5uYp4Vtv04BdPOQDutoGenOrA+p83Phef3Qydn6TgVSfg
-hwQTV8LyT7U7elU77+t4QiwMX090K++Ey4/zTZW/cdafiGRT+pMfY5/8SD0gb7lm
-VRoyEz2IQxsHg84jRfC72jkpiDwRlJgFacbdy+Rzx5kRgJvA63c0GtQZNwTI4dQt
-pK+Hnubpv+AP9BW89D3rpbdEYBr7mXS2Lx8ZW6zl0deBYUL77V3KBPDqC0au9usz
-uQOXjuOvugjnJd9bnHS/ArJ30VJ01wVhqIktgyLzq1A7/jvOmK8=
-=9XkB
+klAGHBAAie17TMYJuUaFIcborhrkjUGykwyzXp3d/RBt9kjIZFoqDAHjYD5+Wlet
+xi0aBUzYmWx2HGuW0DpKGr6Wa4vDktJKY+hNI4rocY1WdNxXtQiw7eKLlbKgYXFy
+f/9ylhxNKUeh72Cak1yNUDarC5B8MJGyNp5vrU4TUPs6mJNd/fbbXyhISOwvbRmU
+zHwgtFrVRVYuGlT/BC3ZNp2tAp8aiTOa9su63eFJF3Mk4Qm9wgYaT+2+wXuMxt8y
+CWy3yazdUQnsKOEJ2Uk1r71Khb/k/4uFgTgQli/QBFIgNAXOk6kozHuQE1DLvoue
+nHFuf32luDHqZ1k6uhRjQC8QHXCXSeooBvoph+J/ppRB9KmBs0mLGzIMOa3iJ8ti
+um4W2huqGWhwakx0zTS3Hj+udcGIHKmq7ynSD2JCclAX0Y1L4feGLr6Q5XuTEnTN
+KlCmYKL4UQOHKhgZMhz9LqteWjQc40kZbC2dXldFg/xMMEeIdFMVVz/QgQxUHX9b
+vyXkluS7I8GnzBf2BhhJdUIu9gCuILL/c+sk7YYvNZp4mmTe6/JzYxlBJHVQsq9+
+rDUwCLFNftc+u5tDDjLprrJXJK2Fq25wGTISLIs+nvrJsx+h5mcydHq/e40dN6UM
+syOsTDuxkNwClqxLKgBjWeHO0AM6orLLN2mA61rR9z3mkWHwhoE=
+=dL/y
 -----END PGP SIGNATURE-----
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest.files.gz b/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest.files.gz
index 01756e23b684a7b93a0b99dd6d5b10a42afa3fa8..952fa66fd1162da528f81d296d0e5455cb6d9f1b 100644
GIT binary patch
delta 812
zcmV+{1JnH0+8XxT8i0fWgaU*Egam{Iv<AqkR%#qE5JvYtMNSZ;{*lxN2qBvUasz2v
zA|?z8c<xW$Q*4hHvo#nSwN&+$RP{Z3WOZBYlunZfC@@8C8z=96(@a27T@%0Rb|9lj
zW?H?O=Y8mrj#@029jgW-f1Ks@1;l93!G-@Iq8%M%*&eLc>njFF=dK_M>L@st9c|9v
zycDizJkp&e5ti~q>s;-cL{XHbtRyZZ{^o_im@p)k0Li6yW~X*BCQR9_HU7f>yl{Yq
zX{`7R-Mo6P6ZnZlyHiAxZ6N$X&N_RUIyVi1R<6^S#a8^DrEcaRfBj2)A*~~Z!zvP_
zrA{nvag?m{ozxt4AoiMbT0|Fwh?N>E;{>$Gq-B?lDW#rld_G#Ow@%9ao)evw&VrFS
zenY!dDlkfgEWbd3LQ)gpW-CjVCGF*{&jn7B7U9ub(7}lR7J<Ots#==sMLMW0oic3^
zsqLZ*3O=;rs=ZbFe~zNW`}g~;ggjffCfk6uZL3zH5?+KBpPeP)I}rEkxfh}`_3Sa6
z2(_h!8njNxRkqU@t$B23WW0YIWGX67>y<+ANLwh5t~gUcWmOJAkhVfUI*D(7r}2Zs
zfu?FCr*Z1CL-IJJwuM!vFE8+t_`gOv2`s@DE<S}4*>|sMe+Ahc_HfB3N)A)C>G9;p
zi?$d{3iu)EbCAwtZOdeFtkFq6l-#`!0!d3<OprgsX{AI_N3va{(`hdjgXBE>+w2r`
zYTEeYqvGTpi+y5uJ0G;NTCw#MoQ2WcQHO(`h@XqzAXFF}agm+-Smc^U3yqN;tk!EM
zW%zI#Xah6)f9mxDElMMqxYC2@J)1ve5JalsEo(QCZDZKHpO2^<H&Sl=@;IlhMIjCG
znS+k^mo)xwcrU^hGoXINr_&R<i%}TtT5-IqQ>1(m7D!mk`}8?YGH#2mIl4*;Q3=J4
z_(W`!AJ6V5ASMe%&Dn`5l{$!TJ#<noDy>r}A@Yv0IwUzNO9ZgNfHLJ&g0ItwHMWrY
q)3>kRfBgLN>Gpi>FSmOA`}y+g_k$n)xn7@dPyYb&^a%fLtPB9p@{Rfc

delta 651
zcmV;60(AZM+Zxu|8i0fWgaU*Egam{Iv<AqkRgM!e5JvZN3QmCR{&Cv}K!^=U+`vxT
zVuT`)CifTbSq#l0+iVg!cGXvQ)%Wa?)orm;I!z*=z!bS{oV@F%nSi3YCVtheAfrfT
zTD_U)edv*nnk|<es|F)~e8}qyh|!>f3%?+u9UWxZo~+j2R}7BMr64luC^(iKZO-4k
z6s~AI(w!y|mhwdFquMozqR2~LNnA+$%?p7sVMr_il1uN*PVHh$n6g`I{Du8_;{XlQ
zSoRsZdG%Z;@Dqu4QACn$AbcTboxMz*n+8GasMDCmR{VZQ-8_PS^e^p&w2l}Kt4NTR
zI<dILQL@f=QghUS*lW&d5nT`>R%)z_6VM`)mR&ZclzOu9`E0e`J1O@oCps&A2u9}k
z4ee5?z$g_C`2`9Tl9~WFTUoj+X)kYmE^v}G3y<D{4o3W11Oj`jYH6+)>7cfB%CtqK
zwu>$(xM;;yd#m<;9Yu-v|L(UE@@(CjYy;M|ty+ajcoABBc9w+yfw))CJrk9wXUlLR
z)Rq=%&^jSkhn>b~&C;Eb@&0j;si-)uS2DpPZ6Q0l;!FjVRW5=cZH0bz65st!<9`kZ
znyQhU#;MB=$)iYZ3#(3FUf?D1e~ok!Sb{Cwd<rG9?_Sk^3bHHqaLFf14pX)1@#LQu
zZ84Y>@FMARkj`Xn%Vcq^(Mdj(+|>txq@^w<$QN;1DN)psY!~Tt+Ka^?InVw!JH?!u
zHvagiIC;lnpV-~b2d%7DY&`{MVKjHt;h-nt=b|?V6$VFKWamB>xu(%VW2BcapTB<l
l{^`Tx_1@na9`*kF<L$@KCm;U0-(Mdue*iR9XK6pH3;_9!L23X1

diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201903-16.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201903-16.xml
new file mode 100644
index 0000000000..7e9889dc28
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201903-16.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="201903-16">
+  <title>OpenSSH: Multiple vulnerabilities</title>
+  <synopsis>Multiple vulnerabilities have been found in OpenSSH, the worst of
+    which could allow a remote attacker to gain unauthorized access.
+  </synopsis>
+  <product type="ebuild">openssh</product>
+  <announced>2019-03-20</announced>
+  <revised count="1">2019-03-20</revised>
+  <bug>675520</bug>
+  <bug>675522</bug>
+  <access>remote</access>
+  <affected>
+    <package name="net-misc/openssh" auto="yes" arch="*">
+      <unaffected range="ge">7.9_p1-r4</unaffected>
+      <vulnerable range="lt">7.9_p1-r4</vulnerable>
+    </package>
+  </affected>
+  <background>
+    <p>OpenSSH is a complete SSH protocol implementation that includes SFTP
+      client and server support.
+    </p>
+  </background>
+  <description>
+    <p>Multiple vulnerabilities have been discovered in OpenSSH. Please review
+      the CVE identifiers referenced below for details.
+    </p>
+  </description>
+  <impact type="normal">
+    <p>A remote attacker could overwrite arbitrary files, transfer malicious
+      files, or gain unauthorized access.
+    </p>
+  </impact>
+  <workaround>
+    <p>There is no known workaround at this time.</p>
+  </workaround>
+  <resolution>
+    <p>All OpenSSH users should upgrade to the latest version:</p>
+    
+    <code>
+      # emerge --sync
+      # emerge --ask --oneshot --verbose "&gt;=net-misc/openssh-7.9_p1-r4"
+    </code>
+  </resolution>
+  <references>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20685">CVE-2018-20685</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-6109">CVE-2019-6109</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-6110">CVE-2019-6110</uri>
+    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-6111">CVE-2019-6111</uri>
+  </references>
+  <metadata tag="requester" timestamp="2019-03-10T21:55:11Z">BlueKnight</metadata>
+  <metadata tag="submitter" timestamp="2019-03-20T13:35:05Z">b-man</metadata>
+</glsa>
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk
index 234ab236bd..a905cc5ceb 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Tue, 19 Mar 2019 13:08:37 +0000
+Wed, 20 Mar 2019 14:08:36 +0000
diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit
index 98bcf26d91..2d8b2954e1 100644
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit
@@ -1 +1 @@
-0a72c299702ffceee8f32f22b9d7b2c33e5140a0 1552965642 2019-03-19T03:20:42+00:00
+30f2fef098951e797cb4c22b80fbeb640fff7f3f 1553088963 2019-03-20T13:36:03+00:00