bump(metadata/glsa): sync with upstream

2025-08-17 18:06:59 +02:00 · 2019-03-20 14:34:56 +00:00 · 2019-03-20 14:34:56 +00:00 · c248dc8b8d
commit c248dc8b8d
parent 3905704705
5 changed files with 71 additions and 17 deletions
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest
@ -1,23 +1,23 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA512
-MANIFEST Manifest.files.gz 437590 BLAKE2B 89b5299a2ae5909a2f126e7d079e486a46a84b314ae3fd8e955c116ff1469671110300e3034ae816a3f8d7760ff951864b0f6a2ea8e63f69093f03e040aaa3f5 SHA512 af2b9c5421b1ff957533cc161bb0347cbaa2e3e90c9069b5b7e6141ce2a943b1cc971aacd34224e34915a04db19e7b1d06ff5519de5e8c67f4753e7fc7157bf3
+MANIFEST Manifest.files.gz 437750 BLAKE2B e4c6b7d5ec709b50478a92e61fd043c3784eb62915f4d39921a1c91a36627c315752406124b99ad4af39a3380f0f1c4b9ccabb34323d36427251a04d374298bd SHA512 31716069b15e65375ed6e961b9459069e7ce8ef8e807f89b733a3fd83d7d24cc1a5166f4e9df1134d130ee61e231e8958fee715eba64b4e57349f5a4b6f22879
-TIMESTAMP 2019-03-19T13:08:41Z
+TIMESTAMP 2019-03-20T14:08:40Z
 -----BEGIN PGP SIGNATURE-----
-iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAlyQ6dlfFIAAAAAALgAo
+iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAlySSWhfFIAAAAAALgAo
 aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
 RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
-klCiIxAAtD8h+ihAUDvqNvCC9SdERlHiKbmJk96TjCAugmmp8BSF9AMOa7YktfUR
+klAGHBAAie17TMYJuUaFIcborhrkjUGykwyzXp3d/RBt9kjIZFoqDAHjYD5+Wlet
-yfNqRUI2kG5hBz9OxV3ll1NyIB8knAoBnYEZsCSqCuCM1UXdiolduYy+bWrXeN57
+xi0aBUzYmWx2HGuW0DpKGr6Wa4vDktJKY+hNI4rocY1WdNxXtQiw7eKLlbKgYXFy
-f5VtmkPXhCJEfDbURbCMBkraAVOYbBjV5f3P80zmmKgRawMOiQLAtDGSBgfDDWue
+f/9ylhxNKUeh72Cak1yNUDarC5B8MJGyNp5vrU4TUPs6mJNd/fbbXyhISOwvbRmU
-83ILR2ZANa+GCluDVEe9Y5+50D5ydKCdWFDD7YOC5gpM/98Yj4idOguQV1IBA0dv
+zHwgtFrVRVYuGlT/BC3ZNp2tAp8aiTOa9su63eFJF3Mk4Qm9wgYaT+2+wXuMxt8y
-9VPtH1amWCmmuYuPgkHAzyQpYAKFeWGZaCbaHVkhDPv15/BS05zKMqWbTCYcC14C
+CWy3yazdUQnsKOEJ2Uk1r71Khb/k/4uFgTgQli/QBFIgNAXOk6kozHuQE1DLvoue
-nn3JBR8tPPR135NG1n9skFg/ycTcfaJfkqZ1Mweh5NrJzsass9qEGMIK7sNsclcF
+nHFuf32luDHqZ1k6uhRjQC8QHXCXSeooBvoph+J/ppRB9KmBs0mLGzIMOa3iJ8ti
-90SONSRWPzwasHtLoTs5uYp4Vtv04BdPOQDutoGenOrA+p83Phef3Qydn6TgVSfg
+um4W2huqGWhwakx0zTS3Hj+udcGIHKmq7ynSD2JCclAX0Y1L4feGLr6Q5XuTEnTN
-hwQTV8LyT7U7elU77+t4QiwMX090K++Ey4/zTZW/cdafiGRT+pMfY5/8SD0gb7lm
+KlCmYKL4UQOHKhgZMhz9LqteWjQc40kZbC2dXldFg/xMMEeIdFMVVz/QgQxUHX9b
-VRoyEz2IQxsHg84jRfC72jkpiDwRlJgFacbdy+Rzx5kRgJvA63c0GtQZNwTI4dQt
+vyXkluS7I8GnzBf2BhhJdUIu9gCuILL/c+sk7YYvNZp4mmTe6/JzYxlBJHVQsq9+
-pK+Hnubpv+AP9BW89D3rpbdEYBr7mXS2Lx8ZW6zl0deBYUL77V3KBPDqC0au9usz
+rDUwCLFNftc+u5tDDjLprrJXJK2Fq25wGTISLIs+nvrJsx+h5mcydHq/e40dN6UM
-uQOXjuOvugjnJd9bnHS/ArJ30VJ01wVhqIktgyLzq1A7/jvOmK8=
+syOsTDuxkNwClqxLKgBjWeHO0AM6orLLN2mA61rR9z3mkWHwhoE=
-=9XkB
+=dL/y
 -----END PGP SIGNATURE-----
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest.files.gz
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest.files.gz
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201903-16.xml
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201903-16.xml
@ -0,0 +1,54 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
 <glsa id="201903-16">
  <title>OpenSSH: Multiple vulnerabilities</title>
  <synopsis>Multiple vulnerabilities have been found in OpenSSH, the worst of
    which could allow a remote attacker to gain unauthorized access.
  </synopsis>
  <product type="ebuild">openssh</product>
  <announced>2019-03-20</announced>
  <revised count="1">2019-03-20</revised>
  <bug>675520</bug>
  <bug>675522</bug>
  <access>remote</access>
  <affected>
    <package name="net-misc/openssh" auto="yes" arch="*">
      <unaffected range="ge">7.9_p1-r4</unaffected>
      <vulnerable range="lt">7.9_p1-r4</vulnerable>
    </package>
  </affected>
  <background>
    <p>OpenSSH is a complete SSH protocol implementation that includes SFTP
      client and server support.
    </p>
  </background>
  <description>
    <p>Multiple vulnerabilities have been discovered in OpenSSH. Please review
      the CVE identifiers referenced below for details.
    </p>
  </description>
  <impact type="normal">
    <p>A remote attacker could overwrite arbitrary files, transfer malicious
      files, or gain unauthorized access.
    </p>
  </impact>
  <workaround>
    <p>There is no known workaround at this time.</p>
  </workaround>
  <resolution>
    <p>All OpenSSH users should upgrade to the latest version:</p>
    <code>
      # emerge --sync
      # emerge --ask --oneshot --verbose "&gt;=net-misc/openssh-7.9_p1-r4"
    </code>
  </resolution>
  <references>
    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20685">CVE-2018-20685</uri>
    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-6109">CVE-2019-6109</uri>
    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-6110">CVE-2019-6110</uri>
    <uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-6111">CVE-2019-6111</uri>
  </references>
  <metadata tag="requester" timestamp="2019-03-10T21:55:11Z">BlueKnight</metadata>
  <metadata tag="submitter" timestamp="2019-03-20T13:35:05Z">b-man</metadata>
 </glsa>
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk
@ -1 +1 @@
-Tue, 19 Mar 2019 13:08:37 +0000
+Wed, 20 Mar 2019 14:08:36 +0000
--- a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit
+++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit
@ -1 +1 @@
-0a72c299702ffceee8f32f22b9d7b2c33e5140a0 1552965642 2019-03-19T03:20:42+00:00
+30f2fef098951e797cb4c22b80fbeb640fff7f3f 1553088963 2019-03-20T13:36:03+00:00
`@ -1 +1 @@`
	`Tue, 19 Mar 2019 13:08:37 +0000`	`Wed, 20 Mar 2019 14:08:36 +0000`
`@ -1 +1 @@`
	`0a72c299702ffceee8f32f22b9d7b2c33e5140a0 1552965642 2019-03-19T03:20:42+00:00`	`30f2fef098951e797cb4c22b80fbeb640fff7f3f 1553088963 2019-03-20T13:36:03+00:00`