+ Chromium, Google Chrome: Multiple vulnerabilities
+ Multiple vulnerabilities have been found in Chromium and Google
+ Chrome, the worst of which could result in the arbitrary execution of code.
+
+ chromium,google-chrome
+ 2020-07-26
+ 2020-07-26
+ 728418
+ 729310
+ 732588
+ remote
+
+
+ 84.0.4147.89
+ 84.0.4147.89
+
+
+ 84.0.4147.89
+ 84.0.4147.89
+
+
+
+ Chromium is an open-source browser project that aims to build a safer,
+ faster, and more stable way for all users to experience the web.
+
+
+ Google Chrome is one fast, simple, and secure browser for all your
+ devices.
+
+
+
+ Multiple vulnerabilities have been discovered in Chromium and Google
+ Chrome. Please review the CVE identifiers referenced below for details.
+
+
+
+ Please review the referenced CVE identifiers for details.
+
+
+ There is no known workaround at this time.
+
+
+ All Chromium users should upgrade to the latest version:
+
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose
+ ">=www-client/chromium-84.0.4147.89"
+
+
+ All Google Chrome users should upgrade to the latest version:
+
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose
+ ">=www-client/google-chrome-84.0.4147.89"
+
+
+
+ CVE-2020-6505
+ CVE-2020-6506
+ CVE-2020-6507
+ CVE-2020-6509
+ CVE-2020-6510
+ CVE-2020-6511
+ CVE-2020-6512
+ CVE-2020-6513
+ CVE-2020-6514
+ CVE-2020-6515
+ CVE-2020-6516
+ CVE-2020-6517
+ CVE-2020-6518
+ CVE-2020-6519
+ CVE-2020-6520
+ CVE-2020-6521
+ CVE-2020-6522
+ CVE-2020-6523
+ CVE-2020-6524
+ CVE-2020-6525
+ CVE-2020-6526
+ CVE-2020-6527
+ CVE-2020-6528
+ CVE-2020-6529
+ CVE-2020-6530
+ CVE-2020-6531
+ CVE-2020-6533
+ CVE-2020-6534
+ CVE-2020-6535
+ CVE-2020-6536
+
+ sam_c
+ sam_c
+
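Review bot: the CVE list in the references jumps from CVE-2020-6507 to CVE-2020-6509 and from CVE-2020-6531 to CVE-2020-6533; please confirm that CVE-2020-6508 and CVE-2020-6532 are left out on purpose rather than dropped by accident. Separately, both resolution commands wrap the package atom onto its own line (`# emerge --ask --oneshot --verbose` followed by `">=www-client/chromium-84.0.4147.89"`), so a user pasting line by line runs emerge with no atom. Keeping each command on one line, as glsa-202007-32.xml does for NSS, avoids that.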
diff --git a/metadata/glsa/glsa-202007-09.xml b/metadata/glsa/glsa-202007-09.xml
new file mode 100644
index 000000000000..eafd82da1347
--- /dev/null
+++ b/metadata/glsa/glsa-202007-09.xml
@@ -0,0 +1,67 @@
+
+
+
+ rssh: Multiple vulnerabilities
+ Multiple vulnerabilities have been found in rssh, the worst of
+ which could result in the arbitrary execution of code.
+
+ rssh
+ 2020-07-27
+ 2020-07-27
+ 699842
+ remote
+
+
+ 2.3.4_p3
+
+
+
+ rssh is a restricted shell, allowing only a few commands like scp or
+ sftp. It is often used as a complement to OpenSSH to provide limited
+ access to users.
+
+
+
+ Multiple vulnerabilities have been discovered in rssh. Please review the
+ CVE identifiers referenced below for details.
+
+
+
+ Please review the referenced CVE identifiers for details.
+
+
+ There is no known workaround at this time.
+
+
+ Gentoo has discontinued support for rssh. We recommend that users
+ unmerge rssh:
+
+
+
+ # emerge --unmerge "app-shells/rssh"
+
+
+ NOTE: The Gentoo developer(s) maintaining rssh have discontinued support
+ at this time. It may be possible that a new Gentoo developer will update
+ rssh at a later date. OpenSSH (net-misc/openssh) may be able to provide
+ similar functionality using its extensive configuration.
+
+
+
+
+ CVE-2019-1000018
+
+ CVE-2019-3463
+ CVE-2019-3464
+
+ b-man
+ sam_c
+
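Review bot: the closing NOTE in the resolution says OpenSSH "may be able to provide similar functionality using its extensive configuration" without naming any setting, which leaves users who unmerge rssh with no concrete replacement path. Consider naming the sshd_config mechanism meant here, for example a Match block with ForceCommand internal-sftp and ChrootDirectory for SFTP-only accounts. The synopsis also claims arbitrary code execution while the impact section only defers to the CVE identifiers; one sentence there stating the worst-case impact would make the two agree.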
diff --git a/metadata/glsa/glsa-202007-30.xml b/metadata/glsa/glsa-202007-30.xml
new file mode 100644
index 000000000000..7a093aa57c5a
--- /dev/null
+++ b/metadata/glsa/glsa-202007-30.xml
@@ -0,0 +1,51 @@
+
+
+
+ Icinga: Root privilege escalation
+ Icinga installs files with insecure permissions allowing root
+ privilege escalation.
+
+ icinga
+ 2020-07-27
+ 2020-07-27
+ 638186
+ local
+
+
+ 1.14.2
+
+
+
+ Icinga is an open source computer system and network monitoring
+ application. It was originally created as a fork of the Nagios system
+ monitoring application in 2009.
+
+
+
+ It was discovered that Icinga’s installed files have insecure
+ permissions, possibly allowing root privilege escalation.
+
+
+
+ A local attacker could escalate privileges to root.
+
+
+ There is no known workaround at this time.
+
+
+ Gentoo has discontinued support for Icinga. We recommend that users
+ unmerge Icinga:
+
+
+
+ # emerge --unmerge "net-analyzer/icinga"
+
+
+ NOTE: The Gentoo developer(s) maintaining Icinga have discontinued
+ support at this time. It may be possible that a new Gentoo developer will
+ update Icinga at a later date. The natural replacement is Icinga 2
+ (net-analyzer/icinga2).
+
+
+
+ CVE-2017-16882
+
+ sam_c
+ sam_c
+
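Review bot: the description ("Icinga's installed files have insecure permissions") does not say which files are affected or which account can modify them, so a reader cannot judge exposure or check the "local" access classification. A sentence naming the affected paths or the owning user, taken from bug 638186 or CVE-2017-16882, would fix that. The synopsis states the escalation as fact ("allowing root privilege escalation") while the description says "possibly allowing"; use one wording in both. The apostrophe in "Icinga’s" is a typographic quote; a plain ASCII apostrophe is safer in this XML.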
diff --git a/metadata/glsa/glsa-202007-32.xml b/metadata/glsa/glsa-202007-32.xml
new file mode 100644
index 000000000000..4d7d455e0ba0
--- /dev/null
+++ b/metadata/glsa/glsa-202007-32.xml
@@ -0,0 +1,45 @@
+
+
+
+ Mozilla Network Security Service (NSS): Information disclosure
+ NSS has an information disclosure vulnerability when handling DSA
+ keys.
+
+ nss
+ 2020-07-27
+ 2020-07-27
+ 726842
+ local, remote
+
+
+ 3.52.1
+ 3.52.1
+
+
+
+ The Mozilla Network Security Service (NSS) is a library implementing
+ security features like SSL v.2/v.3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS
+ #12, S/MIME and X.509 certificates.
+
+
+
+ NSS was found to not always perform constant-time operations when
+ working with DSA key material.
+
+
+
+ An attacker may be able to obtain information about a DSA private key.
+
+
+ There is no known workaround at this time.
+
+
+ All NSS users should upgrade to the latest version:
+
+
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-libs/nss-3.52.1"
+
+
+
+ CVE-2020-12399
+
+ sam_c
+ sam_c
+
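Review bot: the impact text ("An attacker may be able to obtain information about a DSA private key") does not say by what means, while access is classified as "local, remote". Since the description attributes the problem to operations that are not always constant-time, the impact should say that the leak is through observing the timing of DSA operations, which also tells readers why remote access is listed. It would also help to state whether the result is partial key information or possible key recovery, as far as CVE-2020-12399 supports it.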
diff --git a/metadata/glsa/glsa-202007-50.xml b/metadata/glsa/glsa-202007-50.xml
new file mode 100644
index 000000000000..850b4d3f9307
--- /dev/null
+++ b/metadata/glsa/glsa-202007-50.xml
@@ -0,0 +1,49 @@
+
+
+