Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
@@ -1,23 +1,23 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

MANIFEST Manifest.files.gz 596980 BLAKE2B eddb25532154bba44bb35623eb68543626c56c08b4a9b70673d678e12e2e9d223dee9cf4d0203ab7966bfde59e62bbac75b407365fffaffd689f74499226bdef SHA512 63607f6c6d89e0de89c2ed0d49a183cf3ebf144547b6b6c3a675072d222d42a76895e60d6f7b099c2762d742420925f50f5f0705f64f212c92b5228a8c6aac91
TIMESTAMP 2025-05-01T06:40:34Z
MANIFEST Manifest.files.gz 603488 BLAKE2B ebca6f413ef9456acfa01a7be22226fd83f61e0109e624ff90acce6663950f2e0a7e110696bc94f3757cdddb49cc2d61fde6a79593a0e5884c9dc0b35eb84095 SHA512 efd770b2b0900c9e04c93fbdf050175ae85a73f21ddba5e33320f7f0ae5509a7fde11f119bd97c55c509caae16ec9b953d2bc9d4f719fb1b34da79f69196e35f
TIMESTAMP 2025-09-01T06:40:55Z
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmgTF2JfFIAAAAAALgAo
iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmi1P/hfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY
klDRMQ/+PAi2qYoR0sip4LFgbYOupfpmsR8tU5KJ1/74lCyKWzBeJXLv6ZpzzUfQ
/zdiT7LTQTI/S+rLzGZ9iuru+SDj+TmSaqqe3/V47EMXrIUMQmi2/wpv4Xdz6SZv
vaIEnBvxy7AcER2kd3SjuP7oqh49lY3M8lSxGzDcyLuKLMtA0GruuXoOHK8Kc32p
e4MTmHiysNkwQ48mxpogteDz6UzMDz69H+RidhBJLcXj+VNi69jmLFUUWJ0WlINK
BScxduFU4NdYew2iDUFohVSAvLshHnpWUg/S6WlJo1Kf7XSjROBnuNxbrHrRfBRh
m4mx1fdXE73jM7QOpyx+BflrOEBmvrsGC2WJpI+YU5HmhRldkq9I1+amcPJEx/WD
8lTul44UWczfeDxOjVSwQ4Ez0a3YzGxtvo/6aT/P/8u6lxZwXC73F4vPe9B/qQDn
tCVkS4kDfMQf3zUlypFo3ny6eF54AcWzaT6XDIYVYJD1aSMXXqHhoffznAFB9Tjd
gmYAjCPk/6Oi7WPKEg+TryBnQLv9GEL7TRpQDAAMf0vc8OXwsJbEfS1HO8msMjA7
+q4SVTPh7y9uKR62hu9MLuEXBxm3w4fS+U8e+62SVPIqwFsa5Q92Sh98AOPjK9yY
ViFNSQ0SCOaoWbmk9YFaC7JywXnlIXpD7si1W5a4hQ9aIF+qLqs=
=4GyX
klB6WBAAr29MpcZiLGGRywQUMN9svXWc1moJLiXIwKS2Ve8+e0DuRVgDkKGLUKd9
F3m9rkwqbUD1EF4yTTtYGmi7DFVue18ofjUkwca/VzA6NhPvyMDIcEypNcbHSRD6
CWYKV3XXNDvb7rMiTmy9azV046FUg/Vqsj5UOJAf6naKDzjVygUiFjlmuzYRPTn3
I5IZrHdfpMCrd9EOg/WyLg0oCs332qp35ugi4jYPbtpgc4X/LzBQpUDXSTtMofZs
ya9jRbj4A9JwQPJAJbnnsIigs1ht96lxhq5f1ifPDsucw/BGSRjoYq9VmDaChuP/
dWtp+3ocUaJigCiGRgQxbg8pHfUOhQ8l4EmQpPWG0HhxbJ+mINsYmGiJMm4Sx57Z
o0qidbSB4QNwvKsK2ApXI3q+cYhSPhIsoN0JFIG+yVObuApum9I6xwTKqqZzh/zt
CMGxLIIGohHmX3WgTvpk1bVq32vZNiLIGO2I3xDRAhi0TvH5ZUORgs5ep8nguDDt
8OITqm8C2NS0cbSll+QU8H80vd9VymR1uT8AjJRepHdlQNQMEd2xCQLfdCXbQxdo
oyQwkidLEJwbCTKzzrksqWoDpsw+m+iUXC9W+q7rU+YosRZ2WIdiNrhEGomguvNv
rElAqVdXgrBxyYUa4/chO+9NR5k2jyfv2nLGfDzduTIDDUEnyqk=
=Ro42
-----END PGP SIGNATURE-----
Binary file not shown.
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="202411-06">
<title>GnuTLS: Multiple Vulnerabilities</title>
<synopsis>Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to a denial of service.</synopsis>
<product type="ebuild">gnutls</product>
<announced>2024-11-17</announced>
<revised count="1">2024-11-17</revised>
<bug>831573</bug>
<bug>861803</bug>
<bug>893880</bug>
<bug>918663</bug>
<bug>922262</bug>
<bug>927557</bug>
<access>remote</access>
<affected>
<package name="net-libs/gnutls" auto="yes" arch="*">
<unaffected range="ge">3.8.5</unaffected>
<vulnerable range="lt">3.8.5</vulnerable>
</package>
</affected>
<background>
<p>GnuTLS is a secure communications library implementing the SSL, TLS, and DTLS protocols</p>
</background>
<description>
<p>Multiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers referenced below for details.</p>
</description>
<impact type="normal">
<p>Please review the referenced CVE identifiers for details.</p>
</impact>
<workaround>
<p>There is no known workaround at this time.</p>
</workaround>
<resolution>
<p>All GnuTLS users should upgrade to the latest version:</p>

<code>
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/gnutls-3.8.5"
</code>
</resolution>
<references>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-2509">CVE-2022-2509</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-0361">CVE-2023-0361</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-5981">CVE-2023-5981</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-0553">CVE-2024-0553</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-0567">CVE-2024-0567</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-28834">CVE-2024-28834</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-28835">CVE-2024-28835</uri>
</references>
<metadata tag="requester" timestamp="2024-11-17T08:50:20.605702Z">graaff</metadata>
<metadata tag="submitter" timestamp="2024-11-17T08:50:20.609484Z">sam</metadata>
</glsa>
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="202505-01">
<title>PAM: Multiple Vulnerabilities</title>
<synopsis>Multiple vulnerabilities have been discovered in PAM, the worst of which could lead to password leakage.</synopsis>
<product type="ebuild">pam</product>
<announced>2025-05-12</announced>
<revised count="1">2025-05-12</revised>
<bug>922397</bug>
<bug>942075</bug>
<access>remote</access>
<affected>
<package name="sys-libs/pam" auto="yes" arch="*">
<unaffected range="ge">1.7.0_p20241230</unaffected>
<vulnerable range="lt">1.7.0_p20241230</vulnerable>
</package>
</affected>
<background>
<p>PAM (Pluggable Authentication Modules) is an architecture allowing the separation of the development of privilege granting software from the development of secure and appropriate authentication schemes.</p>
</background>
<description>
<p>Multiple vulnerabilities have been discovered in PAM. Please review the CVE identifiers referenced below for details.</p>
</description>
<impact type="high">
<p>Please review the referenced CVE identifiers for details.</p>
</impact>
<workaround>
<p>There is no known workaround at this time.</p>
</workaround>
<resolution>
<p>All PAM users should upgrade to the latest version:</p>

<code>
# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-libs/pam-1.7.0_p20241230"
</code>
</resolution>
<references>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-10041">CVE-2024-10041</uri>
</references>
<metadata tag="requester" timestamp="2025-05-12T06:55:41.605140Z">graaff</metadata>
<metadata tag="submitter" timestamp="2025-05-12T06:55:41.608795Z">graaff</metadata>
</glsa>
Original file line number Diff line number Diff line change
@@ -0,0 +1,85 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="202505-02">
<title>Mozilla Firefox: Multiple Vulnerabilities</title>
<synopsis>Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.</synopsis>
<product type="ebuild">firefox,firefox-bin</product>
<announced>2025-05-12</announced>
<revised count="1">2025-05-12</revised>
<bug>951563</bug>
<bug>953021</bug>
<access>remote</access>
<affected>
<package name="www-client/firefox" auto="yes" arch="*">
<unaffected range="ge" slot="stable">137.0.1</unaffected>
<unaffected range="ge" slot="esr">128.9.0</unaffected>
<vulnerable range="lt" slot="stable">137.0.1</vulnerable>
<vulnerable range="lt" slot="esr">128.9.0</vulnerable>
</package>
<package name="www-client/firefox-bin" auto="yes" arch="*">
<unaffected range="ge" slot="stable">137.0.1</unaffected>
<unaffected range="ge" slot="esr">128.9.0</unaffected>
<vulnerable range="lt" slot="stable">137.0.1</vulnerable>
<vulnerable range="lt" slot="esr">128.9.0</vulnerable>
</package>
</affected>
<background>
<p>Mozilla Firefox is a popular open-source web browser from the Mozilla project.</p>
</background>
<description>
<p>Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details.</p>
</description>
<impact type="high">
<p>Please review the referenced CVE identifiers for details.</p>
</impact>
<workaround>
<p>There is no known workaround at this time.</p>
</workaround>
<resolution>
<p>All Mozilla Firefox users should upgrade to the latest version in their release channel:</p>

<code>
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/firefox-bin-137.0.1:rapid"
# emerge --ask --oneshot --verbose ">=www-client/firefox-bin-128.9.0:esr"
</code>

<p>All Mozilla Firefox users should upgrade to the latest version:</p>

<code>
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/firefox-137.0.1:rapid"
# emerge --ask --oneshot --verbose ">=www-client/firefox-128.9.0:esr"
</code>
</resolution>
<references>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-43097">CVE-2024-43097</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-1931">CVE-2025-1931</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-1932">CVE-2025-1932</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-1933">CVE-2025-1933</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-1934">CVE-2025-1934</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-1935">CVE-2025-1935</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-1936">CVE-2025-1936</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-1937">CVE-2025-1937</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-1938">CVE-2025-1938</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-1941">CVE-2025-1941</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-1942">CVE-2025-1942</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-1943">CVE-2025-1943</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-3028">CVE-2025-3028</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-3029">CVE-2025-3029</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-3030">CVE-2025-3030</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-3031">CVE-2025-3031</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-3032">CVE-2025-3032</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-3034">CVE-2025-3034</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-3035">CVE-2025-3035</uri>
<uri>MFSA2025-14</uri>
<uri>MFSA2025-16</uri>
<uri>MFSA2025-18</uri>
<uri>MFSA2025-20</uri>
<uri>MFSA2025-22</uri>
<uri>MFSA2025-23</uri>
<uri>MFSA2025-24</uri>
</references>
<metadata tag="requester" timestamp="2025-05-12T08:06:29.059257Z">graaff</metadata>
<metadata tag="submitter" timestamp="2025-05-12T08:06:29.061692Z">graaff</metadata>
</glsa>
Original file line number Diff line number Diff line change
@@ -0,0 +1,107 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="202505-03">
<title>Mozilla Thunderbird: Multiple Vulnerabilities</title>
<synopsis>Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.</synopsis>
<product type="ebuild">thunderbird,thunderbird-bin</product>
<announced>2025-05-12</announced>
<revised count="1">2025-05-12</revised>
<bug>945051</bug>
<bug>948114</bug>
<bug>951564</bug>
<bug>953022</bug>
<access>remote</access>
<affected>
<package name="mail-client/thunderbird" auto="yes" arch="*">
<unaffected range="ge">128.9.0</unaffected>
<vulnerable range="lt">128.9.0</vulnerable>
</package>
<package name="mail-client/thunderbird-bin" auto="yes" arch="*">
<unaffected range="ge">128.9.0</unaffected>
<vulnerable range="lt">128.9.0</vulnerable>
</package>
</affected>
<background>
<p>Mozilla Thunderbird is a popular open-source email client from the Mozilla project.</p>
</background>
<description>
<p>Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details.</p>
</description>
<impact type="high">
<p>Please review the referenced CVE identifiers for details.</p>
</impact>
<workaround>
<p>There is no known workaround at this time.</p>
</workaround>
<resolution>
<p>All Mozilla Thunderbird users should upgrade to the latest version:</p>

<code>
# emerge --sync
# emerge --ask --oneshot --verbose ">=mail-client/thunderbird-bin-128.9.0"
</code>

<p>All Mozilla Thunderbird users should upgrade to the latest version:</p>

<code>
# emerge --sync
# emerge --ask --oneshot --verbose ">=mail-client/thunderbird-128.9.0"
</code>
</resolution>
<references>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11692">CVE-2024-11692</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11694">CVE-2024-11694</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11695">CVE-2024-11695</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11696">CVE-2024-11696</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11697">CVE-2024-11697</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11699">CVE-2024-11699</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11700">CVE-2024-11700</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11701">CVE-2024-11701</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11704">CVE-2024-11704</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11705">CVE-2024-11705</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11706">CVE-2024-11706</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-11708">CVE-2024-11708</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-43097">CVE-2024-43097</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2024-50336">CVE-2024-50336</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-0237">CVE-2025-0237</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-0238">CVE-2025-0238</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-0239">CVE-2025-0239</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-0240">CVE-2025-0240</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-0241">CVE-2025-0241</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-0242">CVE-2025-0242</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-0243">CVE-2025-0243</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-1931">CVE-2025-1931</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-1932">CVE-2025-1932</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-1933">CVE-2025-1933</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-1934">CVE-2025-1934</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-1935">CVE-2025-1935</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-1936">CVE-2025-1936</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-1937">CVE-2025-1937</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-1938">CVE-2025-1938</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-3028">CVE-2025-3028</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-3029">CVE-2025-3029</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-3030">CVE-2025-3030</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-3031">CVE-2025-3031</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-3032">CVE-2025-3032</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-3034">CVE-2025-3034</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-26695">CVE-2025-26695</uri>
<uri link="https://nvd.nist.gov/vuln/detail/CVE-2025-26696">CVE-2025-26696</uri>
<uri>MFSA2024-63</uri>
<uri>MFSA2024-64</uri>
<uri>MFSA2024-65</uri>
<uri>MFSA2024-67</uri>
<uri>MFSA2024-68</uri>
<uri>MFSA2025-01</uri>
<uri>MFSA2025-02</uri>
<uri>MFSA2025-05</uri>
<uri>MFSA2025-14</uri>
<uri>MFSA2025-16</uri>
<uri>MFSA2025-18</uri>
<uri>MFSA2025-20</uri>
<uri>MFSA2025-22</uri>
<uri>MFSA2025-23</uri>
<uri>MFSA2025-24</uri>
</references>
<metadata tag="requester" timestamp="2025-05-12T09:13:59.331961Z">graaff</metadata>
<metadata tag="submitter" timestamp="2025-05-12T09:13:59.334292Z">graaff</metadata>
</glsa>
Loading