+ Python: Multiple vulnerabilities
+ Multiple vulnerabilities have been found in Python, the worst of
+ which could result in the arbitrary execution of code.
+
+ python
+ 2021-01-24
+ 2021-01-24
+ 749339
+ 759928
+ 766189
+ remote
+
+
+ 2.7.18-r6
+ 3.6.12-r2
+ 3.7.9-r2
+ 3.8.7-r1
+ 3.9.1-r1
+ 2.7.18-r6
+ 3.6.12-r2
+ 3.7.9-r2
+ 3.8.7-r1
+ 3.9.1-r1
+
+
+
+ Python is an interpreted, interactive, object-oriented programming
+ language.
+
+
+
+ Multiple vulnerabilities have been discovered in Python. Please review
+ the bugs referenced below for details.
+
+
+
+ A remote attacker could possibly execute arbitrary code with the
+ privileges of the process, or cause a Denial of Service condition.
+
+
+
+ There is no known workaround at this time.
+
+
+ All Python 2.7 users should upgrade to the latest version:
+
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-lang/python-2.7.18-r5"
+
+
+ All Python 3.6 users should upgrade to the latest version:
+
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-lang/python-3.6.12-r1"
+
+
+ All Python 3.7 users should upgrade to the latest version:
+
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-lang/python-3.7.9-r1"
+
+
+ All Python 3.8 users should upgrade to the latest version:
+
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-lang/python-3.8.6-r1"
+
+
+ All Python 3.9 users should upgrade to the latest version:
+
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-lang/python-3.9.0-r1"
+
+
+
+
+ CVE-2020-26116
+ CVE-2021-3177
+
+ sam_c
+ sam_c
+
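Review bot: The version atoms in the resolution commands are lower than the version entries listed near the top of this advisory. Those entries give 2.7.18-r6, 3.6.12-r2, 3.7.9-r2, 3.8.7-r1 and 3.9.1-r1, while the emerge lines ask for ">=dev-lang/python-2.7.18-r5", "3.6.12-r1", "3.7.9-r1", "3.8.6-r1" and "3.9.0-r1". If the listed revisions are the fixed ones, a user who follows the commands can satisfy them with a revision the advisory still counts as affected, so the atoms should be raised to match. Separately, the description tells readers to "review the bugs referenced below", but the references are CVE identifiers (CVE-2020-26116, CVE-2021-3177); consider wording it the way the OpenJDK advisory does.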
diff --git a/metadata/glsa/glsa-202101-19.xml b/metadata/glsa/glsa-202101-19.xml
new file mode 100644
index 000000000000..866c37dcdf8a
--- /dev/null
+++ b/metadata/glsa/glsa-202101-19.xml
@@ -0,0 +1,86 @@
+
+
+
+ OpenJDK: Multiple vulnerabilities
+ Multiple vulnerabilities have been found in OpenJDK, the worst of
+ which could result in the arbitrary execution of code.
+
+ openjdk
+ 2021-01-25
+ 2021-01-25
+ 705992
+ 750833
+ remote
+
+
+ 8.272_p10
+ 8.272_p10
+
+
+ 8.272_p10
+ 8.272_p10
+
+
+ 8.272_p10
+ 8.272_p10
+
+
+
+ OpenJDK is a free and open-source implementation of the Java Platform,
+ Standard Edition.
+
+
+
+ Multiple vulnerabilities have been discovered in OpenJDK. Please review
+ the CVE identifiers referenced below for details.
+
+
+
+ Please review the referenced CVE identifiers for details.
+
+
+ There is no known workaround at this time.
+
+
+ All OpenJDK users should upgrade to the latest version:
+
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-java/openjdk-8.272_p10"
+
+
+ All OpenJDK (binary) users should upgrade to the latest version:
+
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-java/openjdk-bin-8.272_p10"
+
+
+ All OpenJDK JRE (binary) users should upgrade to the latest version:
+
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose
+ ">=dev-java/openjdk-jre-bin-8.272_p10"
+
+
+
+ CVE-2020-14779
+ CVE-2020-14781
+ CVE-2020-14782
+ CVE-2020-14792
+ CVE-2020-14796
+ CVE-2020-14797
+ CVE-2020-14798
+ CVE-2020-14803
+ CVE-2020-2583
+ CVE-2020-2590
+ CVE-2020-2593
+ CVE-2020-2601
+ CVE-2020-2604
+ CVE-2020-2654
+ CVE-2020-2659
+
+ sam_c
+ b-man
+
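Review bot: The paragraph between the description and the workaround text only says "Please review the referenced CVE identifiers for details.", which repeats the description and states no impact, even though the synopsis says the worst issue could result in arbitrary execution of code. A short impact statement consistent with the synopsis would let readers prioritise without opening all fifteen CVE entries. Also, the last resolution command is wrapped so that ">=dev-java/openjdk-jre-bin-8.272_p10" sits on its own line after "# emerge --ask --oneshot --verbose"; anyone copying the first line gets an emerge call with no package atom, so keep the command on a single line like the two before it.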
diff --git a/metadata/glsa/glsa-202101-20.xml b/metadata/glsa/glsa-202101-20.xml
new file mode 100644
index 000000000000..c4fc0f6dd37c
--- /dev/null
+++ b/metadata/glsa/glsa-202101-20.xml
@@ -0,0 +1,53 @@
+
+
+