+ rsync: Arbitrary command execution
+ A vulnerability in rsync might allow remote attackers to execute
+ arbitrary commands.
+
+ rsync
+ 2018-05-08
+ 2018-05-08
+ 646818
+ remote
+
+
+ 3.1.3
+ 3.1.3
+
+
+
+ File transfer program to keep remote files into sync.
+
+
+ A vulnerability was discovered in rsync’s parse_arguments function in
+ options.c.
+
+
+
+ Remote attackers could possibly execute arbitrary commands with the
+ privilege of the process.
+
+
+
+ There is no known workaround at this time.
+
+
+ All rsync users should upgrade to the latest version:
+
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-misc/rsync-3.1.3"
+
+
+
+ CVE-2018-5764
+
+ Zlogene
+ b-man
+
diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk
index d3db07ea75c0..410e0615e0fe 100644
--- a/metadata/glsa/timestamp.chk
+++ b/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Tue, 08 May 2018 15:08:23 +0000
+Wed, 09 May 2018 20:38:22 +0000
diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit
index 94cb37af3cfa..80519ec96966 100644
--- a/metadata/glsa/timestamp.commit
+++ b/metadata/glsa/timestamp.commit
@@ -1 +1 @@
-e5c04f29237a0b5ac8d5c241b6f686f89d46e211 1525305465 2018-05-02T23:57:45+00:00
+b65153089d9ef7671aaa737050c3a53cb35a1893 1525793297 2018-05-08T15:28:17+00:00
diff --git a/metadata/md5-cache/Manifest.gz b/metadata/md5-cache/Manifest.gz
index 4e66bfa287e8..80850990e9de 100644
Binary files a/metadata/md5-cache/Manifest.gz and b/metadata/md5-cache/Manifest.gz differ
diff --git a/metadata/md5-cache/app-admin/Manifest.gz b/metadata/md5-cache/app-admin/Manifest.gz
index 731c7c526079..64cd0ea8ae83 100644
Binary files a/metadata/md5-cache/app-admin/Manifest.gz and b/metadata/md5-cache/app-admin/Manifest.gz differ
diff --git a/metadata/md5-cache/app-admin/sxid-4.2-r2 b/metadata/md5-cache/app-admin/sxid-4.2-r2
index 09bfec9a312e..5499339f96d0 100644
--- a/metadata/md5-cache/app-admin/sxid-4.2-r2
+++ b/metadata/md5-cache/app-admin/sxid-4.2-r2
@@ -3,10 +3,10 @@ DEPEND=>=app-portage/elt-patches-20170422 !