Security
Security
This page lists all security advisories that were released by the Gentoo security team. For more information, please visit our distribution's security overview.
| ID | Title |
|---|---|
| 200412-27 | PHProjekt: Remote code execution vulnerability |
| 200412-26 | ViewCVS: Information leak and XSS vulnerabilities |
| 200412-25 | CUPS: Multiple vulnerabilities |
| 200412-24 | Xpdf, GPdf: New integer overflows |
| 200412-23 | Zwiki: XSS vulnerability |
| 200412-22 | mpg123: Playlist buffer overflow |
| 200412-21 | MPlayer: Multiple overflows |
| 200412-20 | NASM: Buffer overflow vulnerability |
| 200412-19 | phpMyAdmin: Multiple vulnerabilities |
| 200412-18 | abcm2ps: Buffer overflow vulnerability |
| 200412-17 | kfax: Multiple overflows in the included TIFF library |
| 200412-16 | kdelibs, kdebase: Multiple vulnerabilities |
| 200412-15 | Ethereal: Multiple vulnerabilities |
| 200412-14 | PHP: Multiple vulnerabilities |
| 200412-13 | Samba: Integer overflow |
| 200412-12 | Adobe Acrobat Reader: Buffer overflow vulnerability |
| 200412-11 | Cscope: Insecure creation of temporary files |
| 200412-10 | Vim, gVim: Vulnerable options in modelines |
| 200412-09 | ncpfs: Buffer overflow in ncplogin and ncpmap |
| 200412-08 | nfs-utils: Multiple remote vulnerabilities |
| 200412-07 | file: Arbitrary code execution |
| 200412-06 | PHProjekt: setup.php vulnerability |
| 200412-05 | mirrorselect: Insecure temporary file creation |
| 200412-04 | Perl: Insecure temporary file creation |
| 200412-03 | imlib: Buffer overflows in image decoding |
| 200412-02 | PDFlib: Multiple overflows in the included TIFF library |
| 200412-01 | rssh, scponly: Unrestricted command execution |
| 200411-38 | Sun and Blackdown Java: Applet privilege escalation |
| 200411-37 | Open DC Hub: Remote code execution |
| 200411-36 | phpMyAdmin: Multiple XSS vulnerabilities |
| 200411-35 | phpWebSite: HTTP response splitting vulnerability |
| 200411-34 | Cyrus IMAP Server: Multiple remote vulnerabilities |
| 200411-33 | TWiki: Arbitrary command execution |
| 200411-32 | phpBB: Remote command execution |
| 200411-31 | ProZilla: Multiple vulnerabilities |
| 200411-30 | pdftohtml: Vulnerabilities in included Xpdf |
| 200411-29 | unarj: Long filenames buffer overflow and a path traversal vulnerability |
| 200411-28 | X.Org, XFree86: libXpm vulnerabilities |
| 200411-27 | Fcron: Multiple vulnerabilities |
| 200411-26 | GIMPS, SETI@home, ChessBrain: Insecure installation |
| 200411-25 | SquirrelMail: Encoded text XSS vulnerability |
| 200411-24 | BNC: Buffer overflow vulnerability |
| 200411-23 | Ruby: Denial of Service issue |
| 200411-22 | Davfs2, lvm-user: Insecure tempfile handling |
| 200411-21 | Samba: Multiple vulnerabilities |
| 200411-20 | ez-ipupdate: Format string vulnerability |
| 200411-19 | Pavuk: Multiple buffer overflows |
| 200411-18 | Apache 2.0: Denial of Service by memory consumption |
| 200411-17 | mtink: Insecure tempfile handling |
| 200411-16 | zip: Path name buffer overflow |
| 200411-15 | OpenSSL, Groff: Insecure tempfile handling |
| 200411-14 | Kaffeine, gxine: Remotely exploitable buffer overflow |
| 200411-13 | Portage, Gentoolkit: Temporary file vulnerabilities |
| 200411-12 | zgv: Multiple buffer overflows |
| 200411-11 | ImageMagick: EXIF buffer overflow |
| 200411-10 | Gallery: Cross-site scripting vulnerability |
| 200411-09 | shadow: Unauthorized modification of account information |
| 200411-08 | GD: Integer overflow |
| 200411-07 | Proxytunnel: Format string vulnerability |
| 200411-06 | MIME-tools: Virus detection evasion |
| 200411-05 | libxml2: Remotely exploitable buffer overflow |
| 200411-04 | Speedtouch USB driver: Privilege escalation vulnerability |
| 200411-03 | Apache 1.3: Buffer overflow vulnerability in mod_include |
| 200411-02 | Cherokee: Format string vulnerability |
| 200411-01 | ppp: No denial of service vulnerability |
| 200410-31 | Archive::Zip: Virus detection evasion |
| 200410-30 | GPdf, KPDF, KOffice: Vulnerabilities in included xpdf |
| 200410-29 | PuTTY: Pre-authentication buffer overflow |
| 200410-28 | rssh: Format string vulnerability |
| 200410-27 | mpg123: Buffer overflow vulnerabilities |
| 200410-26 | socat: Format string vulnerability |
| 200410-25 | Netatalk: Insecure tempfile handling in etc2ps.sh |
| 200410-24 | MIT krb5: Insecure temporary file use in send-pr.sh |
| 200410-23 | Gaim: Multiple vulnerabilities |
| 200410-22 | MySQL: Multiple vulnerabilities |
| 200410-21 | Apache 2, mod_ssl: Bypass of SSLCipherSuite directive |
| 200410-20 | Xpdf, CUPS: Multiple integer overflows |
| 200410-19 | glibc: Insecure tempfile handling in catchsegv script |
| 200410-18 | Ghostscript: Insecure temporary file use in multiple scripts |
| 200410-17 | OpenOffice.org: Temporary files disclosure |
| 200410-16 | PostgreSQL: Insecure temporary file use in make_oidjoins_check |
| 200410-15 | Squid: Remote DoS vulnerability |
| 200410-14 | phpMyAdmin: Vulnerability in MIME-based transformation system |
| 200410-13 | BNC: Input validation flaw |
| 200410-12 | WordPress: HTTP response splitting and XSS vulnerabilities |
| 200410-11 | tiff: Buffer overflows in image decoding |
| 200410-10 | gettext: Insecure temporary file handling |
| 200410-09 | LessTif: Integer and stack overflows in libXpm |
| 200410-08 | ncompress: Buffer overflow |
| 200410-07 | ed: Insecure temporary file handling |
| 200410-06 | CUPS: Leakage of sensitive information |
| 200410-05 | Cyrus-SASL: Buffer overflow and SASL_PATH vulnerabilities |
| 200410-04 | PHP: Memory disclosure and arbitrary location file upload |
| 200410-03 | NetKit-telnetd: buffer overflows in telnet and telnetd |
| 200410-02 | Netpbm: Multiple temporary file issues |
| 200410-01 | sharutils: Buffer overflows in shar.c and unshar.c |
| 200409-35 | Subversion: Metadata information leak |
| 200409-34 | X.org, XFree86: Integer and stack overflows in libXpm |
| 200409-33 | Apache: Exposure of protected directories |
| 200409-32 | getmail: Filesystem overwrite vulnerability |
| 200409-31 | jabberd 1.x: Denial of Service vulnerability |
| 200409-30 | xine-lib: Multiple vulnerabilities |
| 200409-29 | FreeRADIUS: Multiple Denial of Service vulnerabilities |
| 200409-28 | GTK+ 2, gdk-pixbuf: Multiple image decoding vulnerabilities |
| 200409-27 | glFTPd: Local buffer overflow vulnerability |
| 200409-26 | Mozilla, Firefox, Thunderbird, Epiphany: New releases fix vulnerabilities |
| 200409-25 | CUPS: Denial of service vulnerability |
| 200409-24 | Foomatic: Arbitrary command execution in foomatic-rip filter |
| 200409-23 | SnipSnap: HTTP response splitting |
| 200409-22 | phpGroupWare: XSS vulnerability in wiki module |
| 200409-21 | Apache 2, mod_dav: Multiple vulnerabilities |
| 200409-20 | mpg123: Buffer overflow vulnerability |
| 200409-19 | Heimdal: ftpd root escalation |
| 200409-18 | cdrtools: Local root vulnerability in cdrecord if set SUID root |
| 200409-17 | SUS: Local root vulnerability |
| 200409-16 | Samba: Denial of Service vulnerabilities |
| 200409-15 | Webmin, Usermin: Multiple vulnerabilities in Usermin |
| 200409-14 | Samba: Remote printing non-vulnerability |
| 200409-13 | LHa: Multiple vulnerabilities |
| 200409-12 | ImageMagick, imlib, imlib2: BMP decoding buffer overflows |
| 200409-11 | star: Suid root vulnerability |
| 200409-10 | multi-gnome-terminal: Information leak |
| 200409-09 | MIT krb5: Multiple vulnerabilities |
| 200409-08 | Ruby: CGI::Session creates files insecurely |
| 200409-07 | xv: Buffer overflows in image handling |
| 200409-06 | eGroupWare: Multiple XSS vulnerabilities |
| 200409-05 | Gallery: Arbitrary command execution |
| 200409-04 | Squid: Denial of service when using NTLM authentication |
| 200409-03 | Python 2.2: Buffer overflow in getaddrinfo() |
| 200409-02 | MySQL: Insecure temporary file creation in mysqlhotcopy |
| 200409-01 | vpopmail: Multiple vulnerabilities |
| 200408-27 | Gaim: New vulnerabilities |
| 200408-26 | zlib: Denial of service vulnerability |
| 200408-25 | MoinMoin: Group ACL bypass |
| 200408-24 | Linux Kernel: Multiple information leaks |
| 200408-23 | kdelibs: Cross-domain cookie injection vulnerability |
| 200408-22 | Mozilla, Firefox, Thunderbird, Galeon, Epiphany: New releases fix vulnerabilities |
| 200408-21 | Cacti: SQL injection vulnerability |
| 200408-20 | Qt: Image loader overflows |
| 200408-19 | courier-imap: Remote Format String Vulnerability |
| 200408-18 | xine-lib: VCD MRL buffer overflow |
| 200408-17 | rsync: Potential information leakage |
| 200408-16 | glibc: Information leak with LD_DEBUG |
| 200408-15 | Tomcat: Insecure installation |
| 200408-14 | acroread: UUDecode filename buffer overflow |
| 200408-13 | kdebase, kdelibs: Multiple security issues |
| 200408-12 | Gaim: MSN protocol parsing function buffer overflow |
| 200408-11 | Nessus: "adduser" race condition vulnerability |
| 200408-10 | gv: Exploitable Buffer Overflow |
| 200408-09 | Roundup: Filesystem access vulnerability |
| 200408-08 | Cfengine: RSA Authentication Heap Corruption |
| 200408-07 | Horde-IMP: Input validation vulnerability for Internet Explorer users |
| 200408-06 | SpamAssassin: Denial of Service vulnerability |
| 200408-05 | Opera: Multiple new vulnerabilities |
| 200408-04 | PuTTY: Pre-authentication arbitrary code execution |
| 200408-03 | libpng: Numerous vulnerabilities |
| 200408-02 | Courier: Cross-site scripting vulnerability in SqWebMail |
| 200408-01 | MPlayer: GUI filename handling overflow |
| 200407-23 | SoX: Multiple buffer overflows |
| 200407-22 | phpMyAdmin: Multiple vulnerabilities |
| 200407-21 | Samba: Multiple buffer overflows |
| 200407-20 | Subversion: Vulnerability in mod_authz_svn |
| 200407-19 | Pavuk: Digest authentication helper buffer overflow |
| 200407-18 | mod_ssl: Format string vulnerability |
| 200407-17 | l2tpd: Buffer overflow |
| 200407-16 | Linux Kernel: Multiple DoS and permission vulnerabilities |
| 200407-15 | Opera: Multiple spoofing vulnerabilities |
| 200407-14 | Unreal Tournament 2003/2004: Buffer overflow in 'secure' queries |
| 200407-13 | PHP: Multiple security vulnerabilities |
| 200407-12 | Linux Kernel: Remote DoS vulnerability with IPTables TCP Handling |
| 200407-11 | wv: Buffer overflow vulnerability |
| 200407-10 | rsync: Directory traversal in rsync daemon |
| 200407-09 | MoinMoin: Group ACL bypass |
| 200407-08 | Ethereal: Multiple security problems |
| 200407-07 | Shorewall : Insecure temp file handling |
| 200407-06 | libpng: Buffer overflow on row buffers |
| 200407-05 | XFree86, X.org: XDM ignores requestPort setting |
| 200407-04 | Pure-FTPd: Potential DoS when maximum connections is reached |
| 200407-03 | Apache 2: Remote denial of service attack |
| 200407-02 | Linux Kernel: Multiple vulnerabilities |
| 200407-01 | Esearch: Insecure temp file handling |
| 200406-22 | Pavuk: Remote buffer overflow |
| 200406-21 | mit-krb5: Multiple buffer overflows in krb5_aname_to_localname |
| 200406-20 | FreeS/WAN, Openswan, strongSwan: Vulnerabilities in certificate handling |
| 200406-19 | giFT-FastTrack: remote denial of service attack |
| 200406-18 | gzip: Insecure creation of temporary files |
| 200406-17 | IPsec-Tools: authentication bug in racoon |
| 200406-16 | Apache 1.3: Buffer overflow in mod_proxy |
| 200406-15 | Usermin: Multiple vulnerabilities |
| 200406-14 | aspell: Buffer overflow in word-list-compress |
| 200406-13 | Squid: NTLM authentication helper buffer overflow |
| 200406-12 | Webmin: Multiple vulnerabilities |
| 200406-11 | Horde-IMP: Input validation vulnerability |
| 200406-10 | Gallery: Privilege escalation vulnerability |
| 200406-09 | Horde-Chora: Remote code execution |
| 200406-08 | Squirrelmail: Another XSS vulnerability |
| 200406-07 | Subversion: Remote heap overflow |
| 200406-06 | CVS: additional DoS and arbitrary code execution vulnerabilities |
| 200406-05 | Apache: Buffer overflow in mod_ssl |
| 200406-04 | Mailman: Member password disclosure vulnerability |
| 200406-03 | sitecopy: Multiple vulnerabilities in included libneon |
| 200406-02 | tripwire: Format string vulnerability |
| 200406-01 | Ethereal: Multiple security problems |
| 200405-25 | tla: Multiple vulnerabilities in included libneon |
| 200405-24 | MPlayer, xine-lib: vulnerabilities in RTSP stream handling |
| 200405-23 | Heimdal: Kerberos 4 buffer overflow in kadmin |
| 200405-22 | Apache 1.3: Multiple vulnerabilities |
| 200405-21 | Midnight Commander: Multiple vulnerabilities |
| 200405-20 | Insecure Temporary File Creation In MySQL |
| 200405-19 | Opera telnet URI handler file creation/truncation vulnerability |
| 200405-18 | Buffer Overflow in Firebird |
| 200405-17 | Multiple vulnerabilities in metamail |
| 200405-16 | Multiple XSS Vulnerabilities in SquirrelMail |
| 200405-15 | cadaver heap-based buffer overflow |
| 200405-14 | Buffer overflow in Subversion |
| 200405-13 | neon heap-based buffer overflow |
| 200405-12 | CVS heap overflow vulnerability |
| 200405-11 | KDE URI Handler Vulnerabilities |
| 200405-10 | Icecast denial of service vulnerability |
| 200405-09 | ProFTPD Access Control List bypass vulnerability |
| 200405-08 | Pound format string vulnerability |
| 200405-07 | Exim verify=header_syntax buffer overflow |
| 200405-06 | libpng denial of service vulnerability |
| 200405-05 | Utempter symlink vulnerability |
| 200405-04 | OpenOffice.org vulnerability when using DAV servers |
| 200405-03 | ClamAV VirusEvent parameter vulnerability |
| 200405-02 | Multiple vulnerabilities in LHa |
| 200405-01 | Multiple format string vulnerabilities in neon 0.24.4 and earlier |
| 200404-21 | Multiple Vulnerabilities in Samba |
| 200404-20 | Multiple vulnerabilities in xine |
| 200404-19 | Buffer overflows and format string vulnerabilities in LCDproc |
| 200404-18 | Multiple Vulnerabilities in ssmtp |
| 200404-17 | ipsec-tools and iputils contain a remote DoS vulnerability |
| 200404-16 | Multiple new security vulnerabilities in monit |
| 200404-15 | XChat 2.0.x SOCKS5 Vulnerability |
| 200404-14 | Multiple format string vulnerabilities in cadaver |
| 200404-13 | CVS Server and Client Vulnerabilities |
| 200404-12 | Scorched 3D server chat box format string vulnerability |
| 200404-11 | Multiple Vulnerabilities in pwlib |
| 200404-10 | iproute local Denial of Service vulnerability |
| 200404-09 | Cross-realm trust vulnerability in Heimdal |
| 200404-08 | GNU Automake symbolic link vulnerability |
| 200404-07 | ClamAV RAR Archive Remote Denial Of Service Vulnerability |
| 200404-06 | Util-linux login may leak sensitive data |
| 200404-05 | ipsec-tools contains an X.509 certificates vulnerability. |
| 200404-04 | Multiple vulnerabilities in sysstat |
| 200404-03 | Tcpdump Vulnerabilities in ISAKMP Parsing |
| 200404-02 | KDE Personal Information Management Suite Remote Buffer Overflow Vulnerability |
| 200404-01 | Insecure sandbox temporary lockfile vulnerabilities in Portage |
| 200403-14 | Multiple Security Vulnerabilities in Monit |
| 200403-13 | Remote buffer overflow in MPlayer |
| 200403-12 | OpenLDAP DoS Vulnerability |
| 200403-11 | Squid ACL [url_regex] bypass vulnerability |
| 200403-10 | Fetchmail 6.2.5 fixes a remote DoS |
| 200403-09 | Buffer overflow in Midnight Commander |
| 200403-08 | oftpd DoS vulnerability |
| 200403-07 | Multiple remote overflows and vulnerabilities in Ethereal |
| 200403-06 | Multiple remote buffer overflow vulnerabilities in Courier |
| 200403-05 | UUDeview MIME Buffer Overflow |
| 200403-04 | Multiple security vulnerabilities in Apache 2 |
| 200403-03 | Multiple OpenSSL Vulnerabilities |
| 200403-02 | Linux kernel do_mremap local privilege escalation vulnerability |
| 200403-01 | Libxml2 URI Parsing Buffer Overflow Vulnerabilities |
| 200402-07 | Clam Antivirus DoS vulnerability |
| 200402-06 | Updated kernel packages fix the AMD64 ptrace vulnerability |
| 200402-05 | phpMyAdmin < 2.5.6-rc1: possible attack against export.php |
| 200402-04 | Gallery 1.4.1 and below remote exploit vulnerability |
| 200402-03 | Monkeyd Denial of Service vulnerability |
| 200402-02 | XFree86 Font Information File Buffer Overflow |
| 200402-01 | PHP setting leaks from .htaccess files on virtual hosts |
| 200401-04 | GAIM 0.75 Remote overflows |
| 200401-03 | Apache mod_python Denial of Service vulnerability |
| 200401-02 | Honeyd remote detection vulnerability via a probe packet |
| 200401-01 | Linux kernel do_mremap() local privilege escalation vulnerability |