Gentoo Linux Security Advisories (GLSA)

This page lists all security advisories that were released by the Gentoo security team. For more information, please visit our distribution's security overview.

ID Title
202012-24 Samba: Multiple vulnerabilities
202012-23 Apache Tomcat: Information disclosure
202012-22 HAProxy: Arbitrary code execution
202012-21 Mozilla Network Security Service (NSS): Denial of service
202012-20 Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities
202012-19 PowerDNS Recursor: Denial of service
202012-18 PowerDNS: information disclosure
202012-17 D-Bus: Denial of service
202012-16 PHP: Multiple vulnerabilities
202012-15 GDK-PixBuf: Denial of service
202012-14 cURL: Multiple vulnerabilities
202012-13 OpenSSL: Denial of service
202012-12 libass: User-assisted execution of arbitrary code
202012-11 c-ares: Denial of service
202012-10 WebkitGTK+: Multiple vulnerabilities
202012-09 Cherokee: Multiple vulnerabilities
202012-08 MariaDB: Multiple vulnerabilities
202012-07 PostgreSQL: Multiple vulnerabilities
202012-06 Linux-PAM: Authentication bypass
202012-05 Chromium, Google Chrome: Multiple vulnerabilities
202012-04 Mozilla Thunderbird: Multiple vulnerabilities
202012-03 Mozilla Firefox: Multiple vulnerabilities
202012-02 SeaMonkey: Multiple vulnerabilities
202012-01 X.Org X Server: Multiple vulnerabilities
202011-19 libexif: Multiple vulnerabilities
202011-18 Apache Ant: Insecure temporary file
202011-17 MIT Kerberos 5: Denial of service
202011-16 Chromium, Google Chrome: Multiple vulnerabilities
202011-15 libmaxminddb: Denial of service
202011-14 MariaDB: Remote code execution
202011-13 Salt: Multiple vulnerabilities
202011-12 Chromium, Google Chrome: Multiple vulnerabilities
202011-11 Blueman: Local privilege escalation
202011-10 tmux: Buffer overflow
202011-09 QEMU: Multiple vulnerabilities
202011-08 Wireshark: Multiple vulnerabilities
202011-07 Mozilla Firefox: Remote code execution
202011-06 Xen: Multiple vulnerabilities
202011-05 libssh: Denial of service
202011-04 Fossil: Multiple vulnerabilities
202011-03 KPMCore: Root privilege escalation
202011-02 OpenDMARC: Heap-based buffer overflow
202011-01 BlueZ: Arbitrary code execution
202010-08 Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities
202010-07 FreeType: Arbitrary code execution
202010-06 Ark: Arbitrary code execution
202010-05 LibRaw: Multiple vulnerabilities
202010-04 libxml2: Multiple vulnerabilities
202010-03 libjpeg-turbo: Information disclosure
202010-02 Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities
202010-01 Chromium, Google Chrome: Multiple vulnerabilities
202009-18 Bitcoin: Multiple vulnerabilities
202009-17 gpsd: Arbitrary code execution
202009-16 LinuxCIFS: Shell injection
202009-15 libuv: Buffer overflow
202009-14 Xen: Buffer overflow
202009-13 Chromium, Google Chrome: Multiple vulnerabilities
202009-12 ZeroMQ: Denial of service
202009-11 ProFTPD: Denial of service
202009-10 PHP: Denial of service
202009-09 Nextcloud Desktop Sync client: Multiple vulnerabilities
202009-08 GNOME Shell: Information disclosure
202009-07 Perl DBI: Multiple vulnerabilities
202009-06 GNOME File Roller: Directory traversal
202009-05 GStreamer RTSP Server: Denial of service
202009-04 Qt GUI: Buffer overflow
202009-03 Chromium, Google Chrome: Multiple vulnerabilities
202009-02 Dovecot: Multiple vulnerabilities
202009-01 GnuTLS: Denial of service
202008-24 OpenJDK: Multiple vulnerabilities
202008-23 chrony: Symlink vulnerability
202008-22 targetcli-fb: Multiple vulnerabilities
202008-21 Kleopatra: Remote code execution
202008-20 GPL Ghostscript: Multiple vulnerabilities
202008-19 BIND: Multiple vulnerabilities
202008-18 X.Org X11 library: Multiple vulnerabilities
202008-17 Redis: Multiple vulnerabilities
202008-16 Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities
202008-15 Docker: Information disclosure
202008-14 Wireshark: Denial of service
202008-13 PostgreSQL: Multiple vulnerabilities
202008-12 Net-SNMP: Multiple vulnerabilities
202008-11 Chromium, Google Chrome: Multiple vulnerabilities
202008-10 Chromium, Google Chrome: Heap buffer overflow
202008-09 Shadow: Privilege escalation
202008-08 Mozilla Network Security Service (NSS): Multiple vulnerabilities
202008-07 Chromium, Google Chrome: Multiple vulnerabilities
202008-06 iproute2: Denial of service
202008-05 gThumb: Arbitrary code execution
202008-04 Apache: Multiple vulnerabilities
202008-03 Ark: Arbitrary code execution
202008-02 GNU GLOBAL: Arbitrary code execution
202008-01 Python: Multiple vulnerabilities
202007-65 libsndfile: Multiple vulnerabilities
202007-64 Mozilla Thunderbird: Multiple vulnerabilities
202007-63 SNMP Trap Translator: Multiple vulnerabilities
202007-62 PyCrypto: Weak key generation
202007-61 WebKitGTK+: Multiple vulnerabilities
202007-60 Mozilla Firefox: Multiple vulnerabilities
202007-59 Chromium, Google Chrome: Multiple vulnerabilities
202007-58 FFmpeg: Multiple vulnerabilities
202007-57 Mutt, Neomutt: Multiple vulnerabilities
202007-56 Claws Mail: Improper STARTTLS handling
202007-55 libetpan: Improper STARTTLS handling
202007-54 rsync: Multiple vulnerabilities
202007-53 Dropbear: Multiple vulnerabilities
202007-52 mujs: Multiple vulnerabilities
202007-51 FileZilla: Untrusted search path
202007-50 GLib Networking: Improper certificate validation
202007-49 Mozilla Network Security Service (NSS): Information disclosure
202007-48 OCaml: Arbitrary code execution
202007-47 Okular: Local restricted command execution
202007-46 D-Bus: Denial of service
202007-45 NTFS-3G: Remote code execution, possible privilege escalation
202007-44 FreeXL: Multiple vulnerabilities
202007-43 TRE: Multiple vulnerabilities
202007-42 LHa: Buffer overflow
202007-41 Roundcube: Multiple vulnerabilities
202007-40 Thin: Privilege escalation
202007-39 Binutils: Multiple vulnerabilities
202007-38 QtGui: Arbitrary code execution
202007-37 AWStats: Multiple vulnerabilities
202007-36 DjVu: Multiple vulnerabilities
202007-35 ReportLab: Arbitrary code execution
202007-34 Apache Ant: Multiple vulnerabilities
202007-33 OSSEC: Multiple vulnerabilities
202007-32 Sarg: Local privilege escalation
202007-31 Icinga: Root privilege escalation
202007-30 spice: Arbitrary code execution
202007-29 rssh: Multiple vulnerabilities
202007-28 re2c: Buffer overflow
202007-27 Haml: Arbitrary code execution
202007-26 SQLite: Multiple vulnerabilities
202007-25 arpwatch: Root privilege escalation
202007-24 Twisted: Access restriction bypasses
202007-23 ClamAV: Multiple vulnerabilities
202007-22 sysstat: Arbitrary code execution
202007-21 Libreswan: Denial of service
202007-20 fuseiso: Multiple vulnerabilities
202007-19 WavPack: Multiple vulnerabilities
202007-18 QtNetwork: Denial of service
202007-17 JHead: Multiple vulnerabilities
202007-16 cURL: Multiple vulnerabilities
202007-15 Samba: Multiple vulnerabilities
202007-14 yaml-cpp: Denial of service
202007-13 Wireshark: Multiple vulnerabilities
202007-12 NTP: Multiple vulnerabilities
202007-11 WebKitGTK+: Multiple vulnerabilities
202007-10 Mozilla Firefox: Multiple vulnerabilities
202007-09 Mozilla Thunderbird: Multiple vulnerabilities
202007-08 Chromium, Google Chrome: Multiple vulnerabilities
202007-07 Transmission: Remote code execution
202007-06 HylaFAX: Multiple vulnerabilities
202007-05 libexif: Multiple vulnerabilities
202007-04 fwupd, libjcat: Multiple vulnerabilities
202007-03 Cacti: Multiple vulnerabilities
202007-02 Xen: Multiple vulnerabilities
202007-01 netqmail: Multiple vulnerabilities
202006-23 Cyrus IMAP Server: Access restriction bypass
202006-22 OpenJDK, IcedTea: Multiple vulnerabilities
202006-21 Apache Tomcat: Remote code execution
202006-20 Asterisk: Root privilege escalation
202006-19 Mozilla Thunderbird: Multiple vulnerabilities
202006-18 Bubblewrap: Arbitrary code execution
202006-17 FAAD2: Multiple vulnerabilities
202006-16 PCRE2: Denial of service
202006-15 OpenConnect: Multiple vulnerabilities
202006-14 PEAR Archive_Tar: Remote code execution vulnerability
202006-13 json-c: Multiple vulnerabilities
202006-12 GNU Mailutils: Privilege escalation
202006-11 Ansible: Multiple vulnerabilities
202006-10 GNU Readline: Multiple vulnerabilities
202006-09 Adobe Flash Player: Arbitrary code execution
202006-08 WebKitGTK+: Multiple vulnerabilities
202006-07 Mozilla Firefox: Multiple vulnerabilities
202006-06 ssvnc: Multiple vulnerabilities
202006-05 Nokogiri: Command injection
202006-04 glibc: Multiple vulnerabilities
202006-03 Perl: Multiple vulnerabilities
202006-02 Chromium, Google Chrome: Multiple vulnerabilities
202006-01 GnuTLS: Information disclosure
202005-13 Chromium, Google Chrome: Multiple vulnerabilities
202005-12 OpenSLP: Multiple vulnerabilities
202005-11 VLC: Buffer overflow
202005-10 libmicrodns: Multiple vulnerabilities
202005-09 Python: Denial of service
202005-08 Xen: Multiple vulnerabilities
202005-07 FreeRDP: Multiple vulnerabilities
202005-06 LIVE555 Media Server: Multiple vulnerabilities
202005-05 Squid: Multiple vulnerabilities
202005-04 Mozilla Firefox: Multiple vulnerabilities
202005-03 Mozilla Thunderbird: Multiple vulnerabilities
202005-02 QEMU: Multiple vulnerabilities
202005-01 Long Range ZIP: Multiple vulnerabilities
202004-17 Django: Multiple vulnerabilities
202004-16 Cacti: Multiple vulnerabilities
202004-15 libu2f-host: Multiple vulnerabilities
202004-14 FontForge: Multiple vulnerabilities
202004-13 Git: Information disclosure
202004-12 Chromium, Google Chrome: Multiple vulnerabilities
202004-11 Mozilla Firefox: Multiple vulnerabilities
202004-10 OpenSSL: Multiple vulnerabilities
202004-09 Chromium, Google Chrome: Multiple vulnerabilities
202004-08 libssh: Denial of service
202004-07 Mozilla Firefox: Multiple vulnerabilities
202004-06 GnuTLS: DTLS protocol regression
202004-05 ledger: Multiple vulnerabilities
202004-04 Qt WebEngine: Arbitrary code execution
202004-03 GPL Ghostscript: Multiple vulnerabilities
202004-02 VirtualBox: Multiple vulnerabilities
202004-01 HAProxy: Remote execution of arbitrary code
202003-66 QEMU: Multiple vulnerabilities
202003-65 FFmpeg: Multiple vulnerabilities
202003-64 libxls: Multiple vulnerabilities
202003-63 GNU IDN Library 2: Multiple vulnerabilities
202003-62 GNU Screen: Buffer overflow
202003-61 Adobe Flash Player: Remote execution of arbitrary code
202003-60 QtCore: Multiple vulnerabilities
202003-59 libvpx: User-assisted execution of arbitrary code
202003-58 UnZip: User-assisted execution of arbitrary code
202003-57 PHP: Multiple vulnerabilities
202003-56 Xen: Multiple vulnerabilities
202003-55 Zsh: Privilege escalation
202003-54 Pure-FTPd: Multiple vulnerabilities
202003-53 Chromium, Google Chrome: Multiple vulnerabilities
202003-52 Samba: Multiple vulnerabilities
202003-51 WeeChat: Multiple vulnerabilities
202003-50 Tor: Multiple vulnerabilities
202003-49 BlueZ: Security bypass
202003-48 Node.js: Multiple vulnerabilities
202003-47 Exim: Heap-based buffer overflow
202003-46 ClamAV: Multiple vulnerabilities
202003-45 PyYAML: Arbitrary code execution
202003-44 Binary diff: Heap-based buffer overflow
202003-43 Apache Tomcat: Multiple vulnerabilities
202003-42 libgit2: Multiple vulnerabilities
202003-41 GNU FriBidi: Heap-based buffer overflow
202003-40 Cacti: Multiple vulnerabilities
202003-39 phpMyAdmin: SQL injection
202003-38 PECL Imagick: Arbitrary code execution
202003-37 Mozilla Network Security Service: Multiple vulnerabilities
202003-36 libvorbis: Multiple vulnerabilities
202003-35 ProFTPd: Multiple vulnerabilities
202003-34 Squid: Multiple vulnerabilities
202003-33 GStreamer Base Plugins: Heap-based buffer overflow
202003-32 Libgcrypt: Side-channel attack
202003-31 gdb: Buffer overflow
202003-30 Git: Multiple vulnerabilities
202003-29 cURL: Multiple vulnerabilities
202003-28 libarchive: Multiple vulnerabilities
202003-27 libssh: Arbitrary command execution
202003-26 Python: Multiple vulnerabilities
202003-25 libTIFF: Multiple vulnerabilities
202003-24 file: Heap-based buffer overflow
202003-23 libjpeg-turbo: User-assisted execution of arbitrary code
202003-22 WebkitGTK+: Multiple vulnerabilities
202003-21 runC: Multiple vulnerabilities
202003-20 systemd: Heap use-after-free
202003-19 PPP: Buffer overflow
202003-18 libvirt: Multiple vulnerabilities
202003-17 nfdump: Multiple vulnerabilities
202003-16 SQLite: Multiple vulnerabilities
202003-15 ICU: Integer overflow
202003-14 atftp: Multiple vulnerabilities
202003-13 musl: x87 floating-point stack adjustment imbalance
202003-12 sudo: Multiple vulnerabilities
202003-11 SVG Salamander: Server-Side Request Forgery
202003-10 Mozilla Thunderbird: Multiple vulnerabilities
202003-09 OpenID library for Ruby: Server-Side Request Forgery
202003-08 Chromium, Google Chrome: Multiple vulnerabilities
202003-07 RabbitMQ C client: Arbitrary code execution
202003-06 Ruby: Multiple vulnerabilities
202003-05 e2fsprogs: Arbitrary code execution
202003-04 Vim, gVim: Remote execution of arbitrary code
202003-03 PostgreSQL: Multiple vulnerabilities
202003-02 Mozilla Firefox: Multiple vulnerabilities
202003-01 Groovy: Arbitrary code execution