+ Joblib: Arbitrary Code Execution
+ A vulnerability has been found in Joblib which allows for arbitrary code execution.
+ joblib
+ 2024-01-02
+ 2024-01-02
+ 873151
+ remote
+
+
+ 1.2.0
+ 1.2.0
+
+
+
+ Joblib is a set of tools to provide lightweight pipelining in Python. In particular:
+
+1. transparent disk-caching of functions and lazy re-evaluation (memoize pattern)
+2. easy simple parallel computing
+
+Joblib is optimized to be fast and robust on large data in particular and has specific optimizations for numpy arrays.
+
+
+ A vulnerability has been discovered in Joblib. Please review the CVE identifier referenced below for details.
+
+
+ Joblib is vulnerable to arbitrary code execution via the pre_dispatch flag in Parallel() class due to the eval() statement.
+
+
+ There is no known workaround at this time.
+
+
+ All Joblib users should upgrade to the latest version:
+
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-python/joblib-1.2.0"
+
+
+
+ CVE-2022-21797
+
+ graaff
+ graaff
+
\ No newline at end of file
diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk
index b7cbf1495735..47e89c82d31f 100644
--- a/metadata/glsa/timestamp.chk
+++ b/metadata/glsa/timestamp.chk
@@ -1 +1 @@
-Mon, 01 Jan 2024 11:39:50 +0000
+Thu, 04 Jan 2024 12:09:57 +0000
diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit
index 352527083875..4f7a75657ddb 100644
--- a/metadata/glsa/timestamp.commit
+++ b/metadata/glsa/timestamp.commit
@@ -1 +1 @@
-3dfe782899716a3480c9481c69bca8c231c663a7 1703730129 2023-12-28T02:22:09+00:00
+086ee91647926ad5550f1443e004b5f5d1bda7fc 1704206331 2024-01-02T14:38:51+00:00
diff --git a/metadata/md5-cache/Manifest.gz b/metadata/md5-cache/Manifest.gz
index 772ff1bb4886..6b6dceb16b86 100644
Binary files a/metadata/md5-cache/Manifest.gz and b/metadata/md5-cache/Manifest.gz differ
diff --git a/metadata/md5-cache/acct-group/Manifest.gz b/metadata/md5-cache/acct-group/Manifest.gz
index fb2a076a8cf4..ad959127f5c0 100644
Binary files a/metadata/md5-cache/acct-group/Manifest.gz and b/metadata/md5-cache/acct-group/Manifest.gz differ
diff --git a/metadata/md5-cache/acct-group/atuin-0 b/metadata/md5-cache/acct-group/atuin-0
new file mode 100644
index 000000000000..7353cd81095d
--- /dev/null
+++ b/metadata/md5-cache/acct-group/atuin-0
@@ -0,0 +1,8 @@
+DEFINED_PHASES=install preinst pretend
+DESCRIPTION=System group: atuin
+EAPI=8
+INHERIT=acct-group
+KEYWORDS=~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris
+SLOT=0
+_eclasses_=acct-group 1ba28b31fccef7f4ff1cebfad243a633 user-info 9951b1a0e4f026d16c33a001fd2d5cdf
+_md5_=72b326d788dcf11aaf972280a4f3c6b1
diff --git a/metadata/md5-cache/acct-user/Manifest.gz b/metadata/md5-cache/acct-user/Manifest.gz
index 084809b913b7..033bc403e512 100644
Binary files a/metadata/md5-cache/acct-user/Manifest.gz and b/metadata/md5-cache/acct-user/Manifest.gz differ
diff --git a/metadata/md5-cache/acct-user/atuin-0 b/metadata/md5-cache/acct-user/atuin-0
new file mode 100644
index 000000000000..946507d3a74c
--- /dev/null
+++ b/metadata/md5-cache/acct-user/atuin-0
@@ -0,0 +1,9 @@
+DEFINED_PHASES=install postinst preinst prerm pretend
+DESCRIPTION=System user: atuin
+EAPI=8
+INHERIT=acct-user
+KEYWORDS=~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris
+RDEPEND=acct-group/atuin
+SLOT=0
+_eclasses_=acct-user 485d9a6aa1311a8ca9da380d8a8c6c76 user-info 9951b1a0e4f026d16c33a001fd2d5cdf
+_md5_=eb6f3501be9b929a57f46552c6ce65ac
diff --git a/metadata/md5-cache/app-admin/Manifest.gz b/metadata/md5-cache/app-admin/Manifest.gz
index c00997e7e434..533054fb8314 100644
Binary files a/metadata/md5-cache/app-admin/Manifest.gz and b/metadata/md5-cache/app-admin/Manifest.gz differ
diff --git a/metadata/md5-cache/app-admin/awscli-1.32.12 b/metadata/md5-cache/app-admin/awscli-1.32.12
new file mode 100644
index 000000000000..7fa63a42676c
--- /dev/null
+++ b/metadata/md5-cache/app-admin/awscli-1.32.12
@@ -0,0 +1,16 @@
+BDEPEND=test? ( dev-python/pytest-forked[python_targets_python3_10(-)?,python_targets_python3_11(-)?,python_targets_python3_12(-)?] ) test? ( >=dev-python/botocore-1.34.12[python_targets_python3_10(-)?,python_targets_python3_11(-)?,python_targets_python3_12(-)?] dev-python/colorama[python_targets_python3_10(-)?,python_targets_python3_11(-)?,python_targets_python3_12(-)?] dev-python/docutils[python_targets_python3_10(-)?,python_targets_python3_11(-)?,python_targets_python3_12(-)?] dev-python/rsa[python_targets_python3_10(-)?,python_targets_python3_11(-)?,python_targets_python3_12(-)?] >=dev-python/s3transfer-0.10.0[python_targets_python3_10(-)?,python_targets_python3_11(-)?,python_targets_python3_12(-)?] dev-python/pyyaml[python_targets_python3_10(-)?,python_targets_python3_11(-)?,python_targets_python3_12(-)?] !app-admin/awscli-bin >=dev-python/pytest-7.3.1[python_targets_python3_10(-)?,python_targets_python3_11(-)?,python_targets_python3_12(-)?] dev-python/pytest-xdist[python_targets_python3_10(-)?,python_targets_python3_11(-)?,python_targets_python3_12(-)?] ) python_targets_python3_10? ( dev-lang/python:3.10 ) python_targets_python3_11? ( dev-lang/python:3.11 ) python_targets_python3_12? ( dev-lang/python:3.12 ) >=dev-python/gpep517-15[python_targets_python3_10(-)?,python_targets_python3_11(-)?,python_targets_python3_12(-)?] >=dev-python/setuptools-67.8.0-r1[python_targets_python3_10(-)?,python_targets_python3_11(-)?,python_targets_python3_12(-)?]
+DEFINED_PHASES=compile configure install prepare test
+DESCRIPTION=Universal Command Line Environment for AWS
+EAPI=8
+HOMEPAGE=https://github.com/aws/aws-cli/ https://pypi.org/project/awscli/
+INHERIT=bash-completion-r1 distutils-r1
+IUSE=test python_targets_python3_10 python_targets_python3_11 python_targets_python3_12
+KEYWORDS=~amd64 ~arm ~arm64 ~ppc ~ppc64 ~riscv ~sparc ~x86
+LICENSE=Apache-2.0
+RDEPEND=>=dev-python/botocore-1.34.12[python_targets_python3_10(-)?,python_targets_python3_11(-)?,python_targets_python3_12(-)?] dev-python/colorama[python_targets_python3_10(-)?,python_targets_python3_11(-)?,python_targets_python3_12(-)?] dev-python/docutils[python_targets_python3_10(-)?,python_targets_python3_11(-)?,python_targets_python3_12(-)?] dev-python/rsa[python_targets_python3_10(-)?,python_targets_python3_11(-)?,python_targets_python3_12(-)?] >=dev-python/s3transfer-0.10.0[python_targets_python3_10(-)?,python_targets_python3_11(-)?,python_targets_python3_12(-)?] dev-python/pyyaml[python_targets_python3_10(-)?,python_targets_python3_11(-)?,python_targets_python3_12(-)?] !app-admin/awscli-bin python_targets_python3_10? ( dev-lang/python:3.10 ) python_targets_python3_11? ( dev-lang/python:3.11 ) python_targets_python3_12? ( dev-lang/python:3.12 )
+REQUIRED_USE=|| ( python_targets_python3_10 python_targets_python3_11 python_targets_python3_12 )
+RESTRICT=!test? ( test )
+SLOT=0
+SRC_URI=https://github.com/aws/aws-cli/archive/1.32.12.tar.gz -> aws-cli-1.32.12.gh.tar.gz
+_eclasses_=bash-completion-r1 f5e7a020fd9c741740756aac61bf75ff distutils-r1 8e0ad2c111b259a711c8eaef98a17690 flag-o-matic 78cf3cc2d5572fddf5e5e10c70f7c81a multibuild d67e78a235f541871c7dfe4cf7931489 multilib c19072c3cd7ac5cb21de013f7e9832e0 multiprocessing 30ead54fa2e2b5f9cd4e612ffc34d0fe ninja-utils c8951c1dfcc1d43e3f967f61fd0ec59c out-of-source-utils 1a9007554652a6e627edbccb3c25a439 python-r1 8a28fa6d3e3bc96ff8a7eff2badbe71f python-utils-r1 474cb53a7d1b62721a91809a1d702661 toolchain-funcs e56c7649b804f051623c8bc1a1c44084
+_md5_=65645fae46020c986b91d79280295bc1
diff --git a/metadata/md5-cache/app-admin/checksec-2.4.0-r1 b/metadata/md5-cache/app-admin/checksec-2.4.0-r1
index 0ceccf6bb43c..fdfb60ce0979 100644
--- a/metadata/md5-cache/app-admin/checksec-2.4.0-r1
+++ b/metadata/md5-cache/app-admin/checksec-2.4.0-r1
@@ -2,9 +2,9 @@ DEFINED_PHASES=install prepare
DESCRIPTION=Tool to check properties of executables (e.g. ASLR/PIE, RELRO, PaX, Canaries)
EAPI=7
HOMEPAGE=https://github.com/slimm609/checksec.sh
-KEYWORDS=amd64 arm arm64 ~mips ~ppc ~ppc64 ~riscv ~sparc x86
+KEYWORDS=amd64 arm arm64 ~mips ~ppc ppc64 ~riscv ~sparc x86
LICENSE=BSD
RDEPEND=!