+ Bundler: Insecure installation
+ A vulnerability has been found in Bundler, allowing injection of
+ arbitrary code via the gem installation process.
+
+ bundler
+ September 26, 2016
+ September 26, 2016: 1
+ 523798
+ remote
+
+
+ 1.7.3
+ 1.7.3
+
+
+
+ Bundler provides a consistent environment for Ruby projects by tracking
+ and installing the exact gems and versions that are needed.
+
+
+
+ Bundler, allows the installation of gems from different sources with the
+ same names, when multiple top-level gem sources are used.
+
+
+
+ Remote attackers could inject arbitrary code via the gem install
+ process.
+
+
+
+ There is no known workaround at this time.
+
+
+ All Bundler users should upgrade to the latest version:
+
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-ruby/bundler-1.7.3"
+
+
+
+ CVE-2013-0334
+
+
+ BlueKnight
+
+ b-man
+
diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk
index df18a4f21d21..d4198b488160 100644
--- a/metadata/glsa/timestamp.chk
+++ b/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Sat, 24 Sep 2016 19:10:37 +0000
+Mon, 26 Sep 2016 08:40:36 +0000
diff --git a/metadata/md5-cache/app-admin/lsyncd-2.1.6-r1 b/metadata/md5-cache/app-admin/lsyncd-2.1.6-r1
new file mode 100644
index 000000000000..b88b3396e323
--- /dev/null
+++ b/metadata/md5-cache/app-admin/lsyncd-2.1.6-r1
@@ -0,0 +1,12 @@
+DEFINED_PHASES=compile configure install prepare test
+DEPEND=>=dev-lang/lua-5.1[deprecated] app-text/asciidoc virtual/pkgconfig sys-devel/make >=dev-util/cmake-2.8.12
+DESCRIPTION=Live Syncing (Mirror) Daemon
+EAPI=6
+HOMEPAGE=https://github.com/axkibe/lsyncd
+KEYWORDS=~amd64 ~x86 ~amd64-linux ~arm-linux ~x86-linux
+LICENSE=GPL-2
+RDEPEND=>=dev-lang/lua-5.1[deprecated] net-misc/rsync
+SLOT=0
+SRC_URI=https://github.com/axkibe/lsyncd/archive/release-2.1.6.tar.gz -> lsyncd-2.1.6.tar.gz
+_eclasses_=cmake-utils f3d38665b0a86e08ba3a5473cdbfafd3 eutils b83a2420b796f7c6eff682679d08fe25 flag-o-matic 8632fcd33a047954f007dee9a137bdcc multilib 165fc17c38d1b11dac2008280dab6e80 toolchain-funcs 6198c04daba0e1307bd844df7d37f423 versionator 99ae9d758cbe7cfed19170e7d48f5a9c
+_md5_=8547f9284191c6aa45887cc00f3c9f88
diff --git a/metadata/md5-cache/app-arch/snappy-1.1.3-r1 b/metadata/md5-cache/app-arch/snappy-1.1.3-r1
index 7bb3692beaec..b005e15eb61b 100644
--- a/metadata/md5-cache/app-arch/snappy-1.1.3-r1
+++ b/metadata/md5-cache/app-arch/snappy-1.1.3-r1
@@ -4,9 +4,9 @@ DESCRIPTION=A high-speed compression/decompression library by Google
EAPI=6
HOMEPAGE=https://github.com/google/snappy
IUSE=static-libs abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64
-KEYWORDS=~alpha ~amd64 ~arm ~arm64 ~hppa ~ppc ~ppc64 ~x86 ~amd64-fbsd ~amd64-linux ~x86-linux
+KEYWORDS=~alpha amd64 ~arm ~arm64 hppa ~ppc ~ppc64 x86 ~amd64-fbsd ~amd64-linux ~x86-linux
LICENSE=BSD
SLOT=0
SRC_URI=https://github.com/google/snappy/releases/download/1.1.3/snappy-1.1.3.tar.gz
_eclasses_=autotools 07e71b3b5690738ef7e8bc097077e00c libtool 4890219c51da247200223277f993e054 multibuild 742139c87a9fa3766f0c2b155e5522bf multilib 165fc17c38d1b11dac2008280dab6e80 multilib-build 8fe2e81aeb36cdf8a6cc5f50443879cc multilib-minimal 0224dee31c0f98405d572e14ad6dee65 toolchain-funcs 6198c04daba0e1307bd844df7d37f423
-_md5_=225a271f7296e76c8e2ab324a7ef7bd5
+_md5_=bf8d325507e0f135f104db581bc7c577
diff --git a/metadata/md5-cache/app-crypt/gpgme-1.7.0 b/metadata/md5-cache/app-crypt/gpgme-1.7.0
index c09e367d3502..a685b487a4b9 100644
--- a/metadata/md5-cache/app-crypt/gpgme-1.7.0
+++ b/metadata/md5-cache/app-crypt/gpgme-1.7.0
@@ -1,5 +1,5 @@
DEFINED_PHASES=compile configure install prepare
-DEPEND=app-crypt/gnupg >=dev-libs/libassuan-2.0.2 >=dev-libs/libgpg-error-1.11 qt5? ( dev-qt/qtcore:5 !kde-apps/gpgmepp:4 !kde-apps/kdepimlibs:4 ) python? ( python_targets_python2_7? ( >=dev-lang/python-2.7.5-r2:2.7 ) python_targets_python3_3? ( >=dev-lang/python-3.3.2-r2:3.3 ) python_targets_python3_4? ( dev-lang/python:3.4 ) >=dev-lang/python-exec-2:=[python_targets_python2_7(-)?,python_targets_python3_3(-)?,python_targets_python3_4(-)?,-python_single_target_python2_7(-),-python_single_target_python3_3(-),-python_single_target_python3_4(-)] ) qt5? ( test? ( dev-qt/qttest:5 ) ) !