GLSA

The Gentoo Linux Security Advisories (GLSA) are notifications generated by Gentoo's security team about vulnerable software in the Gentoo repository. These reports contain information about the vulnerability itself, the possible impact on a Gentoo system, references towards external sources (like CVE information) as well as information on how to resolve the vulnerability (which, in most cases, is an update or upgrade of one or more software titles).

GLSA notifications are managed as XML files within the Gentoo repository (see ${portageq get_repo_path / gentoo}/metadata/glsa). A user can run the glsa-check application to have its system verified against these GLSA notifications and, optionally, update the necessary packages automatically to remediate the vulnerability.

GLSA availability

Gentoo Linux Security Advisories can be obtained through several sources:

• Chronological Index of GLSA notifications: https://security.gentoo.org/glsa/
• Subscribe to the gentoo-announce@gentoo.org mailing list: https://www.gentoo.org/get-involved/mailing-lists/
• GLSA RSS Feed: https://security.gentoo.org/glsa/feed.rss

See also

• Staying up-to-date (Security Handbook)
• Gentoo Linux Security Project
• Gentoo Linux Vulnerability Treatment Policy
• GLSA Coordinator Guide