mirror of
https://github.com/flatcar/scripts.git
synced 2025-08-16 01:16:59 +02:00
metadata: update GLSA metadata 20220216
This commit is contained in:
Dongsu Park
parent
e71406c68b
commit
d79bbf0c28
@ -1,23 +1,23 @@
|
||||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA512
|
||||
|
||||
MANIFEST Manifest.files.gz 517807 BLAKE2B 2ecdb63e9cfe1a1b71d23ab4fe58b057928be5a410ab9012b87ec1e7c917af227099229248e5b2c7dc5b25edb96e4adad920259d956349d0ecbb204178f8da2c SHA512 4ca9cc06a8ae7d4eefdd8a435b92f1f4e675295b618afdb11cf1d7f45b49f0fd5137f7f0c81b60933a8b942fe25de9928a9f4ffe0d5968bae8eae39c95a7da50
|
||||
TIMESTAMP 2021-09-03T09:39:09Z
|
||||
MANIFEST Manifest.files.gz 518284 BLAKE2B cb5fac863af3ef8aeec2b30770dcc46b92cbbaa35f883be3558623dd9e5b3307de19f033786959c2acefd089b402b92ae2601f1a2c9fbecd7bfee07eeebbf7b1 SHA512 052cb56c55e024e97ce62af25a94a63d53c61d2136da88877dd492ef68703ac7e8da03f6d57bdbf30b2c7ff7dccedfad2ae627469dda5745354b99d6f6e960d8
|
||||
TIMESTAMP 2022-02-14T12:39:14Z
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmEx7T1fFIAAAAAALgAo
|
||||
iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmIKTXJfFIAAAAAALgAo
|
||||
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
|
||||
RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
|
||||
klDDdg/9E3xzbHQflhxbmbSuYxUQw+5moNxqX0RH7/BlcY/jtIzF4trigK8Sq+eQ
|
||||
zawPG+Z46e42+9llPtTeJ/S9fThrYfbJ2F8bw3QlQT6bdwOsi+Gm0x2taeLJM42L
|
||||
5TQUDlSsB9V0Q41nNpqBn4KKrz7KeSd0B6EFOtgyjIivAR6IiDpn6t8XHHQUAcDt
|
||||
MqeWOU1AuDvR3spVwNIXiC3nX8hn9LnPk2F/N3tmxAT1IctmW0mZtNxhlbEa48Le
|
||||
h/ESWkPqsPno/OGGby+qsXyS1+29LFq4dYin+zl9qOdFoqJ/FcbpYYajz7Kg4fT+
|
||||
Rt71hIBC9e6N4Vruyj4TGp1UyuQ95W8ff0fuuUGV02dsGZCgN1qdW8RD6x+LtAGn
|
||||
ee5tLam28eFy6n2M3ACaKdgGfUCQs5UozjR9/KjGjf5ZzMt1O0DYOkGK3lOx90jJ
|
||||
9R04NMl4lN6NqyzqEn0Gr6ljMyjhXP2VYaqQqtu0ybAezVenIV+xXw99WuA0IUYJ
|
||||
KEzFaKCB/D4tj6IidGvz3/Zk+Asa1+VxlZ3GoT9jkG4E93doQQk7mcWpulADxYwI
|
||||
1VYd/u/8ud8LLe6Yq61DZRnoAIyQJYhX8Ij2d54uD+G1vz/Oa+o0nk3yCcJl/Pjj
|
||||
A1vjJG4Be5NsoFJUVQaxiNcfN0KxGx6Z5RPgGMYlGhkSIjsw56U=
|
||||
=plvA
|
||||
klCAjA/9HwFYsxuRkPGRrV6K8wLfVbDVy/k1z37D9snjOnQ5b7wG3qlFapO+aD5d
|
||||
qRiqgJGNRmhF6j7YJ9jfTw3jeCxeIn2lR4S6KCSizAofr5Nzl/DNobfSqjNoDWew
|
||||
k8MZ/zu5WS7iHeSgXfX03fB/dXiwpxQBT14REa8pCfxnnplPKeu+FxyLRY1CCj8S
|
||||
xS/boQOaJUYwo7X9ODKjM9D2zQbhuQIn9TkCAZMCVDxaz93ITLZUEM+lNAKKRngo
|
||||
tHIDi3PQorvgCbrbCog5dLXi90Lziv7kpUJpF/rI70RisP4vbKFGXWA5ySs2lKXD
|
||||
CJTXEV03p0CZx+FN8l8KsaHG9FM3V1f7jVJdbs+x8cAxM9ycVNZYMU3BHJClW7CE
|
||||
MSUB9bdH+GB94qtj580+d4xq1A/MsWSvsARlWo2YgWoIetvCLlCp6qNSooKUFHiu
|
||||
UmlyYPVLWaGBtrBYIEkJCWrsBG6TgYweMXVOpXNv0SLuUiv2PfynzThHeF7KqCtY
|
||||
G/Rd2hO+awkXUS3DnjSw1Ldduvd/gOrwa6TV5KYdfBI5pfvn1CmbrUJFjcscigX2
|
||||
mTy1MQuh0HtqYGlUGmGKF6vf7dJiD7RSxM4EGA6ySepCQYtlj62zC+d/smlU9mmJ
|
||||
4U+j6d1yk0cI518+9Uxj+xlHX6ItY11h18P5UASSIBFbwxajMhw=
|
||||
=1Nn+
|
||||
-----END PGP SIGNATURE-----
|
||||
|
||||
Binary file not shown.
44
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202201-01.xml
vendored
Normal file
44
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202201-01.xml
vendored
Normal file
@ -0,0 +1,44 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
|
||||
<glsa id="202201-01">
|
||||
<title>Polkit: Local privilege escalation</title>
|
||||
<synopsis>A vulnerability in polkit could lead to local root privilege escalation.
|
||||
</synopsis>
|
||||
<product type="ebuild">polkit</product>
|
||||
<announced>2022-01-27</announced>
|
||||
<revised count="1">2022-01-27</revised>
|
||||
<bug>832057</bug>
|
||||
<access>local</access>
|
||||
<affected>
|
||||
<package name="sys-auth/polkit" auto="yes" arch="*">
|
||||
<unaffected range="ge">0.120-r2</unaffected>
|
||||
<vulnerable range="lt">0.120-r2</vulnerable>
|
||||
</package>
|
||||
</affected>
|
||||
<background>
|
||||
<p>polkit is a toolkit for managing policies related to unprivileged processes communicating with privileged process. </p>
|
||||
</background>
|
||||
<description>
|
||||
<p>Flawed input validation of arguments was discovered in the 'pkexec' program's main() function.</p>
|
||||
</description>
|
||||
<impact type="high">
|
||||
<p>A local attacker could achieve root privilege escalation.</p>
|
||||
</impact>
|
||||
<workaround>
|
||||
<p>Run the following command as root:
|
||||
# chmod 0755 /usr/bin/pkexec</p>
|
||||
</workaround>
|
||||
<resolution>
|
||||
<p>Upgrade Polkit to a patched version.</p>
|
||||
|
||||
<code>
|
||||
# emerge --sync
|
||||
# emerge --ask --verbose ">=sys-auth/polkit-0.120-r2"
|
||||
</code>
|
||||
</resolution>
|
||||
<references>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-4034">CVE-2021-4034</uri>
|
||||
</references>
|
||||
<metadata tag="requester" timestamp="2022-01-27T04:56:33.847737Z">sam</metadata>
|
||||
<metadata tag="submitter" timestamp="2022-01-27T04:56:33.851433Z">sam</metadata>
|
||||
</glsa>
|
||||
257
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202201-02.xml
vendored
Normal file
257
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202201-02.xml
vendored
Normal file
@ -0,0 +1,257 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
|
||||
<glsa id="202201-02">
|
||||
<title>Chromium, Google Chrome: Multiple vulnerabilities</title>
|
||||
<synopsis>Multiple vulnerabilities have been found in Chromium and Google
|
||||
Chrome, the worst of which could result in the arbitrary execution of code.
|
||||
</synopsis>
|
||||
<product type="ebuild">chromium,google-chrome</product>
|
||||
<announced>2022-01-31</announced>
|
||||
<revised count="1">2022-01-31</revised>
|
||||
<bug>803167</bug>
|
||||
<bug>806223</bug>
|
||||
<bug>808715</bug>
|
||||
<bug>811348</bug>
|
||||
<bug>813035</bug>
|
||||
<bug>814221</bug>
|
||||
<bug>814617</bug>
|
||||
<bug>815673</bug>
|
||||
<bug>816984</bug>
|
||||
<bug>819054</bug>
|
||||
<bug>820689</bug>
|
||||
<bug>824274</bug>
|
||||
<bug>829190</bug>
|
||||
<bug>830642</bug>
|
||||
<bug>831624</bug>
|
||||
<access>remote</access>
|
||||
<affected>
|
||||
<package name="www-client/google-chrome" auto="yes" arch="*">
|
||||
<unaffected range="ge">97.0.4692.99</unaffected>
|
||||
<vulnerable range="lt">97.0.4692.99</vulnerable>
|
||||
</package>
|
||||
<package name="www-client/chromium" auto="yes" arch="*">
|
||||
<unaffected range="ge">97.0.4692.99</unaffected>
|
||||
<vulnerable range="lt">97.0.4692.99</vulnerable>
|
||||
</package>
|
||||
</affected>
|
||||
<background>
|
||||
<p>Chromium is an open-source browser project that aims to build a safer,
|
||||
faster, and more stable way for all users to experience the web.
|
||||
</p>
|
||||
|
||||
<p> Google Chrome is one, fast, simple, and secure browser for all
|
||||
your devices.
|
||||
</p>
|
||||
</background>
|
||||
<description>
|
||||
<p>Multiple vulnerabilities have been discovered in Chromium
|
||||
and Google Chrome. Please review the CVE identifiers referenced below
|
||||
for details.
|
||||
</p>
|
||||
</description>
|
||||
<impact type="high">
|
||||
<p>Please review the referenced CVE identifiers for details.</p>
|
||||
</impact>
|
||||
<workaround>
|
||||
<p>There is no known workaround at this time.</p>
|
||||
</workaround>
|
||||
<resolution>
|
||||
<p>All Chromium users should upgrade to the latest version:</p>
|
||||
<code>
|
||||
# emerge --sync
|
||||
# emerge --ask --oneshot --verbose
|
||||
">=www-client/chromium-97.0.4692.99"
|
||||
</code>
|
||||
|
||||
<p>All Google Chrome users should upgrade to the latest version:</p>
|
||||
|
||||
<code>
|
||||
# emerge --sync
|
||||
# emerge --ask --oneshot --verbose
|
||||
">=www-client/google-chrome-97.0.4692.99"
|
||||
</code>
|
||||
</resolution>
|
||||
<references>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30565">CVE-2021-30565</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30566">CVE-2021-30566</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30567">CVE-2021-30567</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30568">CVE-2021-30568</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30569">CVE-2021-30569</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30571">CVE-2021-30571</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30572">CVE-2021-30572</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30573">CVE-2021-30573</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30574">CVE-2021-30574</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30575">CVE-2021-30575</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30576">CVE-2021-30576</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30577">CVE-2021-30577</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30578">CVE-2021-30578</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30579">CVE-2021-30579</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30580">CVE-2021-30580</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30581">CVE-2021-30581</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30582">CVE-2021-30582</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30583">CVE-2021-30583</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30584">CVE-2021-30584</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30585">CVE-2021-30585</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30586">CVE-2021-30586</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30587">CVE-2021-30587</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30588">CVE-2021-30588</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30589">CVE-2021-30589</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30590">CVE-2021-30590</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30591">CVE-2021-30591</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30592">CVE-2021-30592</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30593">CVE-2021-30593</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30594">CVE-2021-30594</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30596">CVE-2021-30596</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30597">CVE-2021-30597</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30598">CVE-2021-30598</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30599">CVE-2021-30599</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30600">CVE-2021-30600</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30601">CVE-2021-30601</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30602">CVE-2021-30602</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30603">CVE-2021-30603</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30604">CVE-2021-30604</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30606">CVE-2021-30606</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30607">CVE-2021-30607</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30608">CVE-2021-30608</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30609">CVE-2021-30609</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30610">CVE-2021-30610</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30611">CVE-2021-30611</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30612">CVE-2021-30612</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30613">CVE-2021-30613</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30614">CVE-2021-30614</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30615">CVE-2021-30615</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30616">CVE-2021-30616</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30617">CVE-2021-30617</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30618">CVE-2021-30618</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30619">CVE-2021-30619</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30620">CVE-2021-30620</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30621">CVE-2021-30621</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30622">CVE-2021-30622</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30623">CVE-2021-30623</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30624">CVE-2021-30624</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30625">CVE-2021-30625</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30626">CVE-2021-30626</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30627">CVE-2021-30627</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30628">CVE-2021-30628</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30629">CVE-2021-30629</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30630">CVE-2021-30630</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30631">CVE-2021-30631</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30632">CVE-2021-30632</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30633">CVE-2021-30633</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37956">CVE-2021-37956</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37957">CVE-2021-37957</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37958">CVE-2021-37958</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37959">CVE-2021-37959</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37960">CVE-2021-37960</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37961">CVE-2021-37961</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37962">CVE-2021-37962</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37963">CVE-2021-37963</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37965">CVE-2021-37965</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37966">CVE-2021-37966</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37967">CVE-2021-37967</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37968">CVE-2021-37968</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37970">CVE-2021-37970</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37971">CVE-2021-37971</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37973">CVE-2021-37973</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37974">CVE-2021-37974</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37975">CVE-2021-37975</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37976">CVE-2021-37976</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37977">CVE-2021-37977</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37978">CVE-2021-37978</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37979">CVE-2021-37979</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37981">CVE-2021-37981</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37982">CVE-2021-37982</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37983">CVE-2021-37983</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37984">CVE-2021-37984</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37985">CVE-2021-37985</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37986">CVE-2021-37986</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37987">CVE-2021-37987</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37988">CVE-2021-37988</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37989">CVE-2021-37989</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37990">CVE-2021-37990</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37991">CVE-2021-37991</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37992">CVE-2021-37992</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37993">CVE-2021-37993</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37994">CVE-2021-37994</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37995">CVE-2021-37995</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37996">CVE-2021-37996</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37997">CVE-2021-37997</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37998">CVE-2021-37998</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-37999">CVE-2021-37999</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38000">CVE-2021-38000</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38001">CVE-2021-38001</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38002">CVE-2021-38002</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38003">CVE-2021-38003</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38005">CVE-2021-38005</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38006">CVE-2021-38006</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38007">CVE-2021-38007</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38008">CVE-2021-38008</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38009">CVE-2021-38009</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38010">CVE-2021-38010</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38011">CVE-2021-38011</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38012">CVE-2021-38012</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38013">CVE-2021-38013</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38014">CVE-2021-38014</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38015">CVE-2021-38015</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38016">CVE-2021-38016</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38017">CVE-2021-38017</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38018">CVE-2021-38018</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38019">CVE-2021-38019</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38020">CVE-2021-38020</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38021">CVE-2021-38021</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-38022">CVE-2021-38022</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-4098">CVE-2021-4098</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-4099">CVE-2021-4099</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-4100">CVE-2021-4100</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-4101">CVE-2021-4101</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-4102">CVE-2021-4102</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0096">CVE-2022-0096</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0097">CVE-2022-0097</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0098">CVE-2022-0098</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0099">CVE-2022-0099</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0100">CVE-2022-0100</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0101">CVE-2022-0101</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0102">CVE-2022-0102</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0103">CVE-2022-0103</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0104">CVE-2022-0104</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0105">CVE-2022-0105</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0106">CVE-2022-0106</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0107">CVE-2022-0107</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0108">CVE-2022-0108</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0109">CVE-2022-0109</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0110">CVE-2022-0110</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0111">CVE-2022-0111</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0112">CVE-2022-0112</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0113">CVE-2022-0113</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0114">CVE-2022-0114</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0115">CVE-2022-0115</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0116">CVE-2022-0116</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0117">CVE-2022-0117</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0118">CVE-2022-0118</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0120">CVE-2022-0120</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0289">CVE-2022-0289</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0290">CVE-2022-0290</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0291">CVE-2022-0291</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0292">CVE-2022-0292</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0293">CVE-2022-0293</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0294">CVE-2022-0294</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0295">CVE-2022-0295</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0296">CVE-2022-0296</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0297">CVE-2022-0297</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0298">CVE-2022-0298</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0300">CVE-2022-0300</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0301">CVE-2022-0301</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0302">CVE-2022-0302</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0303">CVE-2022-0303</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0304">CVE-2022-0304</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0305">CVE-2022-0305</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0306">CVE-2022-0306</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0307">CVE-2022-0307</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0308">CVE-2022-0308</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0309">CVE-2022-0309</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0310">CVE-2022-0310</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-0311">CVE-2022-0311</uri>
|
||||
</references>
|
||||
<metadata tag="requester" timestamp="2022-01-31T02:28:15.932334Z">ajak</metadata>
|
||||
<metadata tag="submitter" timestamp="2022-01-31T02:28:15.937368Z">ajak</metadata>
|
||||
</glsa>
|
||||
111
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202202-01.xml
vendored
Normal file
111
sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202202-01.xml
vendored
Normal file
@ -0,0 +1,111 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
|
||||
<glsa id="202202-01">
|
||||
<title>WebkitGTK+: Multiple vulnerabilities</title>
|
||||
<synopsis>Multiple vulnerabilities have been found in WebkitGTK+, the worst of
|
||||
which could result in the arbitrary execution of code.
|
||||
</synopsis>
|
||||
<product type="ebuild">webkit-gtk</product>
|
||||
<announced>2022-02-01</announced>
|
||||
<revised count="1">2022-02-01</revised>
|
||||
<bug>779175</bug>
|
||||
<bug>801400</bug>
|
||||
<bug>813489</bug>
|
||||
<bug>819522</bug>
|
||||
<bug>820434</bug>
|
||||
<bug>829723</bug>
|
||||
<bug>831739</bug>
|
||||
<access>remote</access>
|
||||
<affected>
|
||||
<package name="net-libs/webkit-gtk" auto="yes" arch="*">
|
||||
<unaffected range="ge">2.34.4</unaffected>
|
||||
<vulnerable range="lt">2.34.4</vulnerable>
|
||||
</package>
|
||||
</affected>
|
||||
<background>
|
||||
<p>WebKitGTK+ is a full-featured port of the WebKit rendering engine,
|
||||
suitable for projects requiring any kind of web integration,
|
||||
from hybrid HTML/CSS applications to full-fledged web browsers.
|
||||
</p>
|
||||
</background>
|
||||
<description>
|
||||
<p>Multiple vulnerabilities have been discovered in WebkitGTK+. Please
|
||||
review the CVE identifiers referenced below for details.
|
||||
</p>
|
||||
</description>
|
||||
<impact type="high">
|
||||
<p>An attacker, by enticing a user to visit maliciously
|
||||
crafted web content, may be able to execute arbitrary code, violate
|
||||
iframe sandboxing policy, access restricted ports on arbitrary
|
||||
servers, cause memory corruption, or could cause a Denial of Service
|
||||
condition.</p>
|
||||
</impact>
|
||||
<workaround>
|
||||
<p>There is no known workaround at this time.</p>
|
||||
</workaround>
|
||||
<resolution>
|
||||
<p>All WebkitGTK+ users should upgrade to the latest version:</p>
|
||||
|
||||
<code>
|
||||
# emerge --sync
|
||||
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.34.4"
|
||||
</code>
|
||||
</resolution>
|
||||
<references>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-1788">CVE-2021-1788</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-1817">CVE-2021-1817</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-1820">CVE-2021-1820</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-1825">CVE-2021-1825</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-1826">CVE-2021-1826</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-1844">CVE-2021-1844</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-1871">CVE-2021-1871</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21775">CVE-2021-21775</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21779">CVE-2021-21779</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-21806">CVE-2021-21806</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30661">CVE-2021-30661</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30663">CVE-2021-30663</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30665">CVE-2021-30665</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30666">CVE-2021-30666</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30682">CVE-2021-30682</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30689">CVE-2021-30689</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30720">CVE-2021-30720</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30734">CVE-2021-30734</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30744">CVE-2021-30744</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30749">CVE-2021-30749</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30758">CVE-2021-30758</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30761">CVE-2021-30761</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30762">CVE-2021-30762</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30795">CVE-2021-30795</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30797">CVE-2021-30797</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30799">CVE-2021-30799</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30809">CVE-2021-30809</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30818">CVE-2021-30818</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30823">CVE-2021-30823</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30836">CVE-2021-30836</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30846">CVE-2021-30846</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30848">CVE-2021-30848</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30849">CVE-2021-30849</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30851">CVE-2021-30851</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30858">CVE-2021-30858</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30884">CVE-2021-30884</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30887">CVE-2021-30887</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30888">CVE-2021-30888</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30889">CVE-2021-30889</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30890">CVE-2021-30890</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30897">CVE-2021-30897</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30934">CVE-2021-30934</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30936">CVE-2021-30936</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30951">CVE-2021-30951</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30952">CVE-2021-30952</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30953">CVE-2021-30953</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30954">CVE-2021-30954</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-30984">CVE-2021-30984</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-42762">CVE-2021-42762</uri>
|
||||
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2021-45482">CVE-2021-45482</uri>
|
||||
<uri link="https://webkitgtk.org/security/WSA-2021-0004.html">WSA-2021-0004</uri>
|
||||
<uri link="https://webkitgtk.org/security/WSA-2021-0005.html">WSA-2021-0005</uri>
|
||||
<uri link="https://webkitgtk.org/security/WSA-2021-0006.html">WSA-2021-0006</uri>
|
||||
</references>
|
||||
<metadata tag="requester" timestamp="2022-02-01T03:14:55.683733Z">ajak</metadata>
|
||||
<metadata tag="submitter" timestamp="2022-02-01T03:14:55.704686Z">ajak</metadata>
|
||||
</glsa>
|
||||
@ -1 +1 @@
|
||||
Fri, 03 Sep 2021 09:39:05 +0000
|
||||
Mon, 14 Feb 2022 12:39:11 +0000
|
||||
|
||||
@ -1 +1 @@
|
||||
7b9e3c731523fe15934efc37e813384c70ecd7b6 1627096087 2021-07-24T03:08:07+00:00
|
||||
d2418b0a913a694a55e21440268b44301931867c 1643686264 2022-02-01T03:31:04+00:00
|
||||
|
||||
Loading…
Reference in New Issue
Block a user