pinkbyte 14/07/07 12:56:42 Modified: glsa-201110-01.xml glsa-201203-12.xml glsa-201312-03.xml glsa-201401-04.xml glsa-201402-24.xml glsa-201404-07.xml Log: Massive update on affected versions to prevent incorrect security warnings on end-user systems, thanks to Kristian Fiskerstrand
Revision Changes Path 1.11 xml/htdocs/security/en/glsa/glsa-201110-01.xml file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201110-01.xml?rev=1.11&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201110-01.xml?rev=1.11&content-type=text/plain diff : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201110-01.xml?r1=1.10&r2=1.11 Index: glsa-201110-01.xml =================================================================== RCS file: /var/cvsroot/gentoo/xml/htdocs/security/en/glsa/glsa-201110-01.xml,v retrieving revision 1.10 retrieving revision 1.11 diff -u -r1.10 -r1.11 --- glsa-201110-01.xml 17 Sep 2013 22:57:51 -0000 1.10 +++ glsa-201110-01.xml 7 Jul 2014 12:56:42 -0000 1.11 @@ -9,7 +9,7 @@ </synopsis> <product type="ebuild">openssl</product> <announced>October 09, 2011</announced> - <revised>September 17, 2013: 11</revised> + <revised>July 07, 2014: 12</revised> <bug>303739</bug> <bug>308011</bug> <bug>322575</bug> @@ -30,6 +30,11 @@ <unaffected range="rge">0.9.8w</unaffected> <unaffected range="rge">0.9.8x</unaffected> <unaffected range="rge">0.9.8y</unaffected> + <unaffected range="rge">0.9.8z_p1</unaffected> + <unaffected range="rge">0.9.8z_p2</unaffected> + <unaffected range="rge">0.9.8z_p3</unaffected> + <unaffected range="rge">0.9.8z_p4</unaffected> + <unaffected range="rge">0.9.8z_p5</unaffected> <vulnerable range="lt">1.0.0e</vulnerable> </package> </affected> @@ -84,7 +89,7 @@ <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3210">CVE-2011-3210</uri> </references> <metadata tag="requester" timestamp="Fri, 07 Oct 2011 23:38:03 +0000">craig</metadata> - <metadata tag="submitter" timestamp="Tue, 17 Sep 2013 22:51:46 +0000"> + <metadata tag="submitter" timestamp="Mon, 07 Jul 2014 12:49:50 +0000"> keytoaster </metadata> </glsa> 1.8 xml/htdocs/security/en/glsa/glsa-201203-12.xml file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201203-12.xml?rev=1.8&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201203-12.xml?rev=1.8&content-type=text/plain diff : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201203-12.xml?r1=1.7&r2=1.8 Index: glsa-201203-12.xml =================================================================== RCS file: /var/cvsroot/gentoo/xml/htdocs/security/en/glsa/glsa-201203-12.xml,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- glsa-201203-12.xml 17 Sep 2013 22:57:51 -0000 1.7 +++ glsa-201203-12.xml 7 Jul 2014 12:56:42 -0000 1.8 @@ -10,7 +10,7 @@ </synopsis> <product type="ebuild">openssl</product> <announced>March 06, 2012</announced> - <revised>September 17, 2013: 7</revised> + <revised>July 07, 2014: 8</revised> <bug>397695</bug> <bug>399365</bug> <access>remote</access> @@ -23,6 +23,11 @@ <unaffected range="rge">0.9.8w</unaffected> <unaffected range="rge">0.9.8x</unaffected> <unaffected range="rge">0.9.8y</unaffected> + <unaffected range="rge">0.9.8z_p1</unaffected> + <unaffected range="rge">0.9.8z_p2</unaffected> + <unaffected range="rge">0.9.8z_p3</unaffected> + <unaffected range="rge">0.9.8z_p4</unaffected> + <unaffected range="rge">0.9.8z_p5</unaffected> <vulnerable range="lt">1.0.0g</vulnerable> </package> </affected> @@ -91,5 +96,5 @@ </uri> </references> <metadata tag="requester" timestamp="Mon, 16 Jan 2012 19:58:37 +0000">ago</metadata> - <metadata tag="submitter" timestamp="Tue, 17 Sep 2013 22:51:39 +0000">ackle</metadata> + <metadata tag="submitter" timestamp="Mon, 07 Jul 2014 12:52:48 +0000">ackle</metadata> </glsa> 1.3 xml/htdocs/security/en/glsa/glsa-201312-03.xml file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201312-03.xml?rev=1.3&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201312-03.xml?rev=1.3&content-type=text/plain diff : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201312-03.xml?r1=1.2&r2=1.3 Index: glsa-201312-03.xml =================================================================== RCS file: /var/cvsroot/gentoo/xml/htdocs/security/en/glsa/glsa-201312-03.xml,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- glsa-201312-03.xml 3 Dec 2013 15:01:47 -0000 1.2 +++ glsa-201312-03.xml 7 Jul 2014 12:56:42 -0000 1.3 @@ -9,7 +9,7 @@ </synopsis> <product type="ebuild">OpenSSL</product> <announced>December 03, 2013</announced> - <revised>December 03, 2013: 2</revised> + <revised>July 07, 2014: 4</revised> <bug>369753</bug> <bug>406199</bug> <bug>412643</bug> @@ -18,8 +18,13 @@ <access>remote</access> <affected> <package name="dev-libs/openssl" auto="yes" arch="*"> - <unaffected range="rge">1.0.0j</unaffected> + <unaffected range="ge">1.0.0j</unaffected> <unaffected range="rge">0.9.8y</unaffected> + <unaffected range="rge">0.9.8z_p1</unaffected> + <unaffected range="rge">0.9.8z_p2</unaffected> + <unaffected range="rge">0.9.8z_p3</unaffected> + <unaffected range="rge">0.9.8z_p4</unaffected> + <unaffected range="rge">0.9.8z_p5</unaffected> <vulnerable range="lt">1.0.0j</vulnerable> <vulnerable range="lt">0.9.8y</vulnerable> </package> @@ -72,5 +77,5 @@ <metadata tag="requester" timestamp="Thu, 15 Mar 2012 02:30:07 +0000"> underling </metadata> - <metadata tag="submitter" timestamp="Tue, 03 Dec 2013 14:59:32 +0000">n0idx80</metadata> + <metadata tag="submitter" timestamp="Mon, 07 Jul 2014 12:52:33 +0000">n0idx80</metadata> </glsa> 1.4 xml/htdocs/security/en/glsa/glsa-201401-04.xml file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201401-04.xml?rev=1.4&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201401-04.xml?rev=1.4&content-type=text/plain diff : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201401-04.xml?r1=1.3&r2=1.4 Index: glsa-201401-04.xml =================================================================== RCS file: /var/cvsroot/gentoo/xml/htdocs/security/en/glsa/glsa-201401-04.xml,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- glsa-201401-04.xml 8 Jan 2014 01:14:00 -0000 1.3 +++ glsa-201401-04.xml 7 Jul 2014 12:56:42 -0000 1.4 @@ -9,7 +9,7 @@ </synopsis> <product type="ebuild">python</product> <announced>January 06, 2014</announced> - <revised>January 08, 2014: 3</revised> + <revised>July 07, 2014: 4</revised> <bug>325593</bug> <bug>355927</bug> <bug>358663</bug> @@ -27,6 +27,9 @@ <unaffected range="rge">2.7.4</unaffected> <unaffected range="rge">2.7.5</unaffected> <unaffected range="rge">2.7.6</unaffected> + <unaffected range="rge">2.7.7</unaffected> + <unaffected range="rge">2.7.8</unaffected> + <unaffected range="rge">2.7.9</unaffected> <vulnerable range="lt">3.3.2-r1</vulnerable> </package> </affected> @@ -90,7 +93,7 @@ <metadata tag="requester" timestamp="Wed, 18 Sep 2013 03:32:23 +0000"> creffett </metadata> - <metadata tag="submitter" timestamp="Wed, 08 Jan 2014 01:12:43 +0000"> + <metadata tag="submitter" timestamp="Mon, 07 Jul 2014 12:53:14 +0000"> creffett </metadata> </glsa> 1.2 xml/htdocs/security/en/glsa/glsa-201402-24.xml file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201402-24.xml?rev=1.2&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201402-24.xml?rev=1.2&content-type=text/plain diff : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201402-24.xml?r1=1.1&r2=1.2 Index: glsa-201402-24.xml =================================================================== RCS file: /var/cvsroot/gentoo/xml/htdocs/security/en/glsa/glsa-201402-24.xml,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- glsa-201402-24.xml 21 Feb 2014 15:34:25 -0000 1.1 +++ glsa-201402-24.xml 7 Jul 2014 12:56:42 -0000 1.2 @@ -10,7 +10,7 @@ </synopsis> <product type="ebuild">gnupg libgcrypt</product> <announced>February 21, 2014</announced> - <revised>February 21, 2014: 1</revised> + <revised>July 07, 2014: 2</revised> <bug>449546</bug> <bug>478184</bug> <bug>484836</bug> @@ -21,6 +21,10 @@ <package name="app-crypt/gnupg" auto="yes" arch="*"> <unaffected range="ge">2.0.22</unaffected> <unaffected range="rge">1.4.16</unaffected> + <unaffected range="rge">1.4.17</unaffected> + <unaffected range="rge">1.4.18</unaffected> + <unaffected range="rge">1.4.19</unaffected> + <unaffected range="rge">1.4.20</unaffected> <vulnerable range="lt">2.0.22</vulnerable> </package> <package name="dev-libs/libgcrypt" auto="yes" arch="*"> @@ -84,5 +88,5 @@ </uri> </references> <metadata tag="requester" timestamp="Tue, 15 Jan 2013 21:37:26 +0000">ackle</metadata> - <metadata tag="submitter" timestamp="Fri, 21 Feb 2014 15:33:59 +0000">ackle</metadata> + <metadata tag="submitter" timestamp="Mon, 07 Jul 2014 12:54:35 +0000">ackle</metadata> </glsa> 1.3 xml/htdocs/security/en/glsa/glsa-201404-07.xml file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201404-07.xml?rev=1.3&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201404-07.xml?rev=1.3&content-type=text/plain diff : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201404-07.xml?r1=1.2&r2=1.3 Index: glsa-201404-07.xml =================================================================== RCS file: /var/cvsroot/gentoo/xml/htdocs/security/en/glsa/glsa-201404-07.xml,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- glsa-201404-07.xml 10 Apr 2014 07:26:09 -0000 1.2 +++ glsa-201404-07.xml 7 Jul 2014 12:56:42 -0000 1.3 @@ -9,7 +9,7 @@ </synopsis> <product type="ebuild">openssl</product> <announced>April 08, 2014</announced> - <revised>April 10, 2014: 2</revised> + <revised>July 07, 2014: 3</revised> <bug>505278</bug> <bug>507074</bug> <access>remote</access> @@ -17,6 +17,11 @@ <package name="dev-libs/openssl" auto="yes" arch="*"> <unaffected range="ge">1.0.1g</unaffected> <unaffected range="rge">0.9.8y</unaffected> + <unaffected range="rge">0.9.8z_p1</unaffected> + <unaffected range="rge">0.9.8z_p2</unaffected> + <unaffected range="rge">0.9.8z_p3</unaffected> + <unaffected range="rge">0.9.8z_p4</unaffected> + <unaffected range="rge">0.9.8z_p5</unaffected> <vulnerable range="lt">1.0.1g</vulnerable> </package> </affected> @@ -74,5 +79,5 @@ <uri link="http://heartbleed.com/">Heartbleed bug website</uri> </references> <metadata tag="requester" timestamp="Tue, 08 Apr 2014 09:37:45 +0000">a3li</metadata> - <metadata tag="submitter" timestamp="Thu, 10 Apr 2014 07:22:25 +0000">a3li</metadata> + <metadata tag="submitter" timestamp="Mon, 07 Jul 2014 12:55:02 +0000">a3li</metadata> </glsa>