mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-17 09:56:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #717 from dm0-/glsa

Browse Source 
bump(metadata/glsa): sync with upstream
This commit is contained in:
David Michael 2019-03-20 16:42:59 -04:00 committed by GitHub
commit d77e1c9578
5 changed files with 71 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest vendored
View File

@ -1,23 +1,23 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
MANIFEST Manifest.files.gz 437590 BLAKE2B 89b5299a2ae5909a2f126e7d079e486a46a84b314ae3fd8e955c116ff1469671110300e3034ae816a3f8d7760ff951864b0f6a2ea8e63f69093f03e040aaa3f5 SHA512 af2b9c5421b1ff957533cc161bb0347cbaa2e3e90c9069b5b7e6141ce2a943b1cc971aacd34224e34915a04db19e7b1d06ff5519de5e8c67f4753e7fc7157bf3
TIMESTAMP 2019-03-19T13:08:41Z
MANIFEST Manifest.files.gz 437750 BLAKE2B e4c6b7d5ec709b50478a92e61fd043c3784eb62915f4d39921a1c91a36627c315752406124b99ad4af39a3380f0f1c4b9ccabb34323d36427251a04d374298bd SHA512 31716069b15e65375ed6e961b9459069e7ce8ef8e807f89b733a3fd83d7d24cc1a5166f4e9df1134d130ee61e231e8958fee715eba64b4e57349f5a4b6f22879
TIMESTAMP 2019-03-20T14:08:40Z
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAlyQ6dlfFIAAAAAALgAo
iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAlySSWhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
klCiIxAAtD8h+ihAUDvqNvCC9SdERlHiKbmJk96TjCAugmmp8BSF9AMOa7YktfUR
yfNqRUI2kG5hBz9OxV3ll1NyIB8knAoBnYEZsCSqCuCM1UXdiolduYy+bWrXeN57
f5VtmkPXhCJEfDbURbCMBkraAVOYbBjV5f3P80zmmKgRawMOiQLAtDGSBgfDDWue
83ILR2ZANa+GCluDVEe9Y5+50D5ydKCdWFDD7YOC5gpM/98Yj4idOguQV1IBA0dv
9VPtH1amWCmmuYuPgkHAzyQpYAKFeWGZaCbaHVkhDPv15/BS05zKMqWbTCYcC14C
nn3JBR8tPPR135NG1n9skFg/ycTcfaJfkqZ1Mweh5NrJzsass9qEGMIK7sNsclcF
90SONSRWPzwasHtLoTs5uYp4Vtv04BdPOQDutoGenOrA+p83Phef3Qydn6TgVSfg
hwQTV8LyT7U7elU77+t4QiwMX090K++Ey4/zTZW/cdafiGRT+pMfY5/8SD0gb7lm
VRoyEz2IQxsHg84jRfC72jkpiDwRlJgFacbdy+Rzx5kRgJvA63c0GtQZNwTI4dQt
pK+Hnubpv+AP9BW89D3rpbdEYBr7mXS2Lx8ZW6zl0deBYUL77V3KBPDqC0au9usz
uQOXjuOvugjnJd9bnHS/ArJ30VJ01wVhqIktgyLzq1A7/jvOmK8=
=9XkB
klAGHBAAie17TMYJuUaFIcborhrkjUGykwyzXp3d/RBt9kjIZFoqDAHjYD5+Wlet
xi0aBUzYmWx2HGuW0DpKGr6Wa4vDktJKY+hNI4rocY1WdNxXtQiw7eKLlbKgYXFy
f/9ylhxNKUeh72Cak1yNUDarC5B8MJGyNp5vrU4TUPs6mJNd/fbbXyhISOwvbRmU
zHwgtFrVRVYuGlT/BC3ZNp2tAp8aiTOa9su63eFJF3Mk4Qm9wgYaT+2+wXuMxt8y
CWy3yazdUQnsKOEJ2Uk1r71Khb/k/4uFgTgQli/QBFIgNAXOk6kozHuQE1DLvoue
nHFuf32luDHqZ1k6uhRjQC8QHXCXSeooBvoph+J/ppRB9KmBs0mLGzIMOa3iJ8ti
um4W2huqGWhwakx0zTS3Hj+udcGIHKmq7ynSD2JCclAX0Y1L4feGLr6Q5XuTEnTN
KlCmYKL4UQOHKhgZMhz9LqteWjQc40kZbC2dXldFg/xMMEeIdFMVVz/QgQxUHX9b
vyXkluS7I8GnzBf2BhhJdUIu9gCuILL/c+sk7YYvNZp4mmTe6/JzYxlBJHVQsq9+
rDUwCLFNftc+u5tDDjLprrJXJK2Fq25wGTISLIs+nvrJsx+h5mcydHq/e40dN6UM
syOsTDuxkNwClqxLKgBjWeHO0AM6orLLN2mA61rR9z3mkWHwhoE=
=dL/y
-----END PGP SIGNATURE-----

BIN
sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest.files.gz vendored
View File

Binary file not shown.

54
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-201903-16.xml vendored Normal file
View File

@ -0,0 +1,54 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="201903-16">
<title>OpenSSH: Multiple vulnerabilities</title>
<synopsis>Multiple vulnerabilities have been found in OpenSSH, the worst of
which could allow a remote attacker to gain unauthorized access.
</synopsis>
<product type="ebuild">openssh</product>
<announced>2019-03-20</announced>
<revised count="1">2019-03-20</revised>
<bug>675520</bug>
<bug>675522</bug>
<access>remote</access>
<affected>
<package name="net-misc/openssh" auto="yes" arch="*">
<unaffected range="ge">7.9_p1-r4</unaffected>
<vulnerable range="lt">7.9_p1-r4</vulnerable>
</package>
</affected>
<background>
<p>OpenSSH is a complete SSH protocol implementation that includes SFTP
client and server support.
</p>
</background>
<description>
<p>Multiple vulnerabilities have been discovered in OpenSSH. Please review
the CVE identifiers referenced below for details.
</p>
</description>
<impact type="normal">
<p>A remote attacker could overwrite arbitrary files, transfer malicious
files, or gain unauthorized access.
</p>
</impact>
<workaround>
<p>There is no known workaround at this time.</p>
</workaround>
<resolution>
<p>All OpenSSH users should upgrade to the latest version:</p>
<code>
# emerge --sync
# emerge --ask --oneshot --verbose "&gt;=net-misc/openssh-7.9_p1-r4"
</code>
</resolution>
<references>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-20685">CVE-2018-20685</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-6109">CVE-2019-6109</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-6110">CVE-2019-6110</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2019-6111">CVE-2019-6111</uri>
</references>
<metadata tag="requester" timestamp="2019-03-10T21:55:11Z">BlueKnight</metadata>
<metadata tag="submitter" timestamp="2019-03-20T13:35:05Z">b-man</metadata>
</glsa>

2
sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk vendored
View File

@ -1 +1 @@
Tue, 19 Mar 2019 13:08:37 +0000
Wed, 20 Mar 2019 14:08:36 +0000

2
sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit vendored
View File

@ -1 +1 @@
0a72c299702ffceee8f32f22b9d7b2c33e5140a0 1552965642 2019-03-19T03:20:42+00:00
30f2fef098951e797cb4c22b80fbeb640fff7f3f 1553088963 2019-03-20T13:36:03+00:00