Security
Security
This page lists all security advisories that were released by the Gentoo security team. For more information, please visit our distribution's security overview.
| ID | Title |
|---|---|
| 201712-04 | cURL: Multiple vulnerabilities |
| 201712-03 | OpenSSL: Multiple vulnerabilities |
| 201712-02 | OpenCV: Multiple vulnerabilities |
| 201712-01 | WebKitGTK+: Multiple vulnerabilities |
| 201711-16 | CouchDB: Multiple vulnerabilities |
| 201711-15 | PHPUnit: Remote code execution |
| 201711-14 | IcedTea: Multiple vulnerabilities |
| 201711-13 | Adobe Flash Player: Multiple vulnerabilities |
| 201711-12 | eGroupWare: Remote code execution |
| 201711-11 | VDE: Privilege escalation |
| 201711-10 | Cacti: Multiple vulnerabilities |
| 201711-09 | LXC: Remote security bypass |
| 201711-08 | LibXfont, LibXfont2: Multiple vulnerabilities |
| 201711-07 | ImageMagick: Multiple vulnerabilities |
| 201711-06 | GNU Wget: Multiple vulnerabilities |
| 201711-05 | X.Org Server: Multiple vulnerabilities |
| 201711-04 | MariaDB, MySQL: Root privilege escalation |
| 201711-03 | hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks |
| 201711-02 | Chromium, Google Chrome: Multiple vulnerabilities |
| 201711-01 | libxml2: Multiple vulnerabilities |
| 201710-32 | Apache: Multiple vulnerabilities |
| 201710-31 | Oracle JDK/JRE: Multiple vulnerabilities |
| 201710-30 | X.Org Server: Multiple vulnerabilities |
| 201710-29 | Asterisk: Multiple vulnerabilities |
| 201710-28 | Jython: Arbitrary code execution |
| 201710-27 | Dnsmasq: Multiple vulnerabilities |
| 201710-26 | OpenJPEG: Multiple vulnerabilities |
| 201710-25 | PCRE: Multiple vulnerabilities |
| 201710-24 | Chromium, Google Chrome: Multiple vulnerabilities |
| 201710-23 | Go: Multiple vulnerabilities |
| 201710-22 | Adobe Flash Player: Remote execution of arbitrary code |
| 201710-21 | Kodi: Arbitrary code execution |
| 201710-20 | Nagios: Multiple vulnerabilities |
| 201710-19 | libarchive: Multiple vulnerabilities |
| 201710-18 | Ruby: Multiple vulnerabilities |
| 201710-17 | Xen: Multiple vulnerabilities |
| 201710-16 | Shadow: Buffer overflow |
| 201710-15 | GnuTLS: Denial of service |
| 201710-14 | WebKitGTK+: Multiple Vulnerabilities |
| 201710-13 | Graphite: Multiple vulnerabilities |
| 201710-12 | Puppet Agent: Multiple vulnerabilities |
| 201710-11 | GNU Libtasn1: Multiple vulnerabilities |
| 201710-10 | elfutils: Multiple vulnerabilities |
| 201710-09 | PCRE2: Multiple vulnerabilities |
| 201710-08 | Pacemaker: Multiple vulnerabilities |
| 201710-07 | OCaml: Privilege escalation |
| 201710-06 | PostgreSQL: Multiple vulnerabilities |
| 201710-05 | Munin: Arbitrary file write |
| 201710-04 | sudo: Privilege escalation |
| 201710-03 | ICU: Multiple vulnerabilities |
| 201710-02 | file: Stack-based buffer overflow |
| 201710-01 | RubyGems: Multiple vulnerabilities |
| 201709-27 | libTIFF: Multiple vulnerabilities |
| 201709-26 | libsoup: Arbitrary remote code execution |
| 201709-25 | Chromium: Multiple vulnerabilities |
| 201709-24 | RAR, UnRAR: Multiple vulnerabilities |
| 201709-23 | Tcpdump: Multiple vulnerabilities |
| 201709-22 | Oracle JDK/JRE, IcedTea: Multiple vulnerabilities |
| 201709-21 | PHP: Multiple vulnerabilities |
| 201709-20 | Postfix: Privilege escalation |
| 201709-19 | Exim: Local privilege escalation |
| 201709-18 | Mercurial: Multiple vulnerabilities |
| 201709-17 | CVS: Command injection |
| 201709-16 | Adobe Flash Player: Multiple vulnerabilities |
| 201709-15 | Chromium: Multiple vulnerabilities |
| 201709-14 | cURL: Multiple vulnerabilities |
| 201709-13 | SquirrelMail: Remote Code Execution |
| 201709-12 | Perl: Race condition vulnerability |
| 201709-11 | GIMPS: Root privilege escalation |
| 201709-10 | Git: Command injection |
| 201709-09 | Subversion: Arbitrary code execution |
| 201709-08 | GDK-PixBuf: Multiple vulnerabilities |
| 201709-07 | Kpathsea: User-assisted execution of arbitrary code |
| 201709-06 | Supervisor: command injection vulnerability |
| 201709-05 | chkrootkit: Local privilege escalation |
| 201709-04 | mod_gnutls: Certificate validation error |
| 201709-03 | WebKitGTK+: Multiple vulnerabilities |
| 201709-02 | Binutils: Multiple vulnerabilities |
| 201709-01 | MCollective: Remote Code Execution |
| 201708-10 | jbig2dec: User-assisted execution of arbitrary code |
| 201708-09 | AutoTrace: Multiple vulnerabilities |
| 201708-08 | bzip2: Denial of service |
| 201708-07 | evilvte: User-assisted execution of arbitrary code |
| 201708-06 | GPL Ghostscript: Multiple vulnerabilities |
| 201708-05 | RAR and UnRAR: User-assisted execution of arbitrary code |
| 201708-04 | Ked Password Manager: Information leak |
| 201708-02 | TNEF: Multiple vulnerabilities |
| 201708-01 | BIND: Multiple vulnerabilities |
| 201707-15 | Adobe Flash Player: Multiple Vulnerabilities |
| 201707-14 | Gajim: Information disclosure |
| 201707-13 | libcroco: Multiple vulnerabilities |
| 201707-12 | MAN DB: Privilege escalation |
| 201707-11 | RoundCube: Security bypass |
| 201707-10 | VLC: Multiple vulnerabilities |
| 201707-09 | GNOME applet for NetworkManager: Arbitrary file read/write |
| 201707-08 | feh: Arbitrary remote code execution |
| 201707-07 | JasPer: Multiple vulnerabilities |
| 201707-06 | virglrenderer: Multiple vulnerabilities |
| 201707-05 | OpenSLP: Multiple vulnerabilities |
| 201707-04 | libsndfile: Multiple vulnerabilities |
| 201707-03 | phpMyAdmin: Security bypass |
| 201707-02 | Game Music Emu: Multiple vulnerabilities |
| 201707-01 | IcedTea: Multiple vulnerabilities |
| 201706-29 | KAuth and KDELibs: Privilege escalation |
| 201706-28 | LibreOffice: Multiple vulnerabilities |
| 201706-27 | FreeRADIUS: Security bypass |
| 201706-26 | Vim, gVim: Remote execution of arbitrary code |
| 201706-25 | Graphite: User-assisted execution of arbitrary code |
| 201706-24 | jbig2dec: Multiple vulnerabilities |
| 201706-23 | Urban Terror: Multiple vulnerabilities |
| 201706-22 | libksba: Denial of Service and information disclosure |
| 201706-21 | nettle: Information disclosure |
| 201706-20 | Chromium: Multiple vulnerabilities |
| 201706-19 | GNU C Library: Multiple vulnerabilities |
| 201706-18 | mbed TLS: Multiple vulnerabilities |
| 201706-17 | Kodi: Multiple vulnerabilities |
| 201706-16 | GNU Wget: Header injection |
| 201706-15 | WebKitGTK+: Multiple vulnerabilities |
| 201706-14 | FreeType: Multiple vulnerabilities |
| 201706-13 | minicom: Remote execution of arbitrary code |
| 201706-12 | Wireshark: Multiple vulnerabilities |
| 201706-11 | PCRE library: Denial of service |
| 201706-10 | Pidgin: Arbitrary code execution |
| 201706-09 | FileZilla: Buffer overflow |
| 201706-08 | MuPDF: Multiple vulnerabilities |
| 201706-07 | Libtirpc and RPCBind: Denial of Service |
| 201706-06 | ImageWorsener: Multiple vulnerabilities |
| 201706-05 | D-Bus: Multiple vulnerabilities |
| 201706-04 | Git: Security bypass |
| 201706-03 | QEMU: Multiple vulnerabilities |
| 201706-02 | Shadow: Multiple vulnerabilities |
| 201706-01 | MUNGE: Privilege escalation |
| 201705-15 | sudo: Privilege escalation |
| 201705-14 | Smb4K: Arbitrary command execution as root |
| 201705-13 | Teeworlds: Remote execution of arbitrary code on client |
| 201705-12 | Adobe Flash Player: Multiple vulnerabilities |
| 201705-11 | Xen: Multiple vulnerabilities |
| 201705-10 | GStreamer plug-ins: User-assisted execution of arbitrary code |
| 201705-09 | Apache Tomcat: Multiple vulnerabilities |
| 201705-08 | libav: Multiple vulnerabilities |
| 201705-07 | Mozilla Thunderbird: Multiple vulnerabilities |
| 201705-06 | Mozilla Firefox: Multiple vulnerabilities |
| 201705-05 | FFmpeg: Multiple vulnerabilities |
| 201705-04 | Mozilla Network Security Service (NSS): Multiple vulnerabilities |
| 201705-03 | Oracle JDK/JRE: Multiple vulnerabilities |
| 201705-02 | Chromium: Multiple vulnerabilities |
| 201705-01 | libevent: Multiple vulnerabilities |
| 201704-04 | Adobe Flash Player: Multiple vulnerabilities |
| 201704-03 | X.Org: Multiple vulnerabilities |
| 201704-02 | Chromium: Multiple vulnerabilities |
| 201704-01 | QEMU: Multiple vulnerabilities |
| 201703-07 | Xen: Privilege Escalation |
| 201703-06 | Deluge: Remote execution of arbitrary code |
| 201703-05 | GNU Libtasn1: Denial of service |
| 201703-04 | cURL: Certificate validation error |
| 201703-03 | PuTTY: Buffer overflow |
| 201703-02 | Adobe Flash Player: Multiple vulnerabilities |
| 201703-01 | OpenOffice: User-assisted execution of arbitrary code |
| 201702-32 | Ruby Archive::Tar::Minitar: Directory traversal |
| 201702-31 | GPL Ghostscript: Multiple vulnerabilities |
| 201702-30 | tcpdump: Multiple vulnerabilities |
| 201702-29 | PHP: Multiple vulnerabilities |
| 201702-28 | QEMU: Multiple vulnerabilities |
| 201702-27 | Xen: Multiple vulnerabilities |
| 201702-26 | Nagios: Multiple vulnerabilities |
| 201702-25 | libass: Multiple vulnerabilities |
| 201702-24 | LibVNCServer/LibVNCClient: Multiple vulnerabilities |
| 201702-23 | Dropbear: Multiple vulnerabilities |
| 201702-22 | Mozilla Firefox: Multiple vulnerabilities |
| 201702-21 | Opus: User-assisted execution of arbitrary code |
| 201702-20 | Adobe Flash Player: Multiple vulnerabilities |
| 201702-19 | TigerVNC: Buffer overflow |
| 201702-18 | MariaDB: Multiple vulnerabilities |
| 201702-17 | MySQL: Multiple vulnerabilities |
| 201702-16 | Redis: Multiple vulnerabilities |
| 201702-15 | OCaml: Buffer overflow and information disclosure |
| 201702-14 | PyCrypto: Remote execution of arbitrary code |
| 201702-13 | Mozilla Thunderbird: Multiple vulnerabilities |
| 201702-12 | MuPDF: Multiple vulnerabilities |
| 201702-11 | GNU C Library: Multiple vulnerabilities |
| 201702-10 | NTFS-3G: Privilege escalation |
| 201702-09 | ImageMagick: Multiple vulnerabilities |
| 201702-08 | VirtualBox: Multiple vulnerabilities |
| 201702-07 | OpenSSL: Multiple vulnerabilities |
| 201702-06 | Graphviz: Multiple vulnerabilities |
| 201702-05 | Lsyncd: Remote execution of arbitrary code |
| 201702-04 | GnuTLS: Multiple vulnerabilities |
| 201702-03 | Firejail: Privilege escalation |
| 201702-02 | RTMPDump: Multiple vulnerabilities |
| 201702-01 | PCSC-Lite: Multiple vulnerabilities |
| 201701-77 | Ansible: Remote execution of arbitrary code |
| 201701-76 | HarfBuzz: Multiple vulnerabilities |
| 201701-75 | Perl: Multiple vulnerabilities |
| 201701-74 | libpng: Remote execution of arbitrary code |
| 201701-73 | SQUASHFS: Multiple vulnerabilities |
| 201701-72 | libXpm: Remote execution of arbitrary code |
| 201701-71 | FFmpeg: Multiple vulnerabilities |
| 201701-70 | Firewalld: Improper authentication methods |
| 201701-69 | Ark: Unintended execution of scripts and executable files |
| 201701-68 | FreeImage: Multiple vulnerabilities |
| 201701-67 | a2ps: Arbitrary code execution |
| 201701-66 | Chromium: Multiple vulnerabilities |
| 201701-65 | Oracle JRE/JDK: Multiple vulnerabilities |
| 201701-64 | X.Org X Server: Multiple vulnerabilities |
| 201701-63 | Graphite: Multiple vulnerabilities |
| 201701-62 | Firejail: Multiple vulnerabilities |
| 201701-61 | WebP: Multiple vulnerabilities |
| 201701-60 | LibRaw: Multiple vulnerabilities |
| 201701-59 | ADOdb: Multiple vulnerabilities |
| 201701-58 | ICU: Multiple vulnerabilities |
| 201701-57 | T1Lib: : Multiple vulnerabilities |
| 201701-56 | zlib: Multiple vulnerabilities |
| 201701-55 | DirectFB: Multiple vulnerabilities |
| 201701-54 | DCRaw: Buffer overflow |
| 201701-53 | Lua: Buffer overflow |
| 201701-52 | libupnp: Multiple vulnerabilities |
| 201701-51 | DBD::mysql: Multiple vulnerabilities |
| 201701-50 | PPP: Buffer overflow |
| 201701-49 | QEMU: Multiple vulnerabilities |
| 201701-48 | Quagga: Multiple vulnerabilities |
| 201701-47 | cURL: Multiple vulnerabilities |
| 201701-46 | Mozilla Network Security Service (NSS): Multiple vulnerabilities |
| 201701-45 | irssi: Multiple vulnerabilities |
| 201701-44 | CVS: Heap-based overflow |
| 201701-43 | IcedTea: Multiple vulnerabilities |
| 201701-42 | file: Multiple vulnerabilities |
| 201701-41 | MiniUPnPc: Buffer overflow |
| 201701-40 | xdelta: User-assisted execution of arbitrary code |
| 201701-39 | VLC: Buffer overflow |
| 201701-38 | Pidgin: Multiple vulnerabilities |
| 201701-37 | libxml2: Multiple vulnerabilities |
| 201701-36 | Apache: Multiple vulnerabilities |
| 201701-35 | Mozilla SeaMonkey: Multiple vulnerabilities |
| 201701-34 | runC: Privilege escalation |
| 201701-33 | PostgreSQL: Multiple vulnerabilities |
| 201701-32 | phpMyAdmin: Multiple vulnerabilities |
| 201701-31 | flex: Potential insecure code generation |
| 201701-30 | vzctl: Security bypass |
| 201701-29 | Vim, gVim: Remote execution of arbitrary code |
| 201701-28 | c-ares: Heap-based buffer overflow |
| 201701-27 | 7-Zip: Multiple vulnerabilities |
| 201701-26 | BIND: Denial of service |
| 201701-25 | phpBB: Multiple vulnerabilities |
| 201701-24 | PgBouncer: Multiple vulnerabilities |
| 201701-23 | Botan: Multiple vulnerabilities |
| 201701-22 | NGINX: Privilege escalation |
| 201701-21 | Expat: Multiple vulnerabilities |
| 201701-20 | D-Bus: Format string vulnerability |
| 201701-19 | NTFS-3G: Privilege escalation |
| 201701-18 | Python: Multiple vulnerabilities |
| 201701-17 | Adobe Flash Player: Multiple vulnerabilities |
| 201701-16 | libTIFF: Multiple vulnerabilities |
| 201701-15 | Mozilla Firefox, Thunderbird: Multiple vulnerabilities |
| 201701-14 | LZO: Multiple vulnerabilities |
| 201701-13 | HDF5: Multiple vulnerabilities |
| 201701-12 | memcached: Multiple vulnerabilities |
| 201701-11 | musl: Integer overflow |
| 201701-10 | libotr, Pidgin OTR: Remote execution of arbitrary code |
| 201701-09 | Xdg-Utils: Command injection |
| 201701-08 | w3m: Multiple vulnerabilities |
| 201701-07 | Open vSwitch: Remote execution of arbitrary code |
| 201701-06 | e2fsprogs: Heap-based buffer overflow |
| 201701-05 | BusyBox: Denial of service |
| 201701-04 | Mutt: Heap-based buffer overflow |
| 201701-03 | libarchive: Multiple vulnerabilities |
| 201701-02 | Bash: Multiple vulnerabilities |
| 201701-01 | MariaDB and MySQL: Multiple vulnerabilities |