The GNU Binutils are a collection of tools to create, modify and analyse binary files. Many of the files use BFD, the Binary File Descriptor library, to do low-level manipulation.
Multiple vulnerabilities have been discovered in Binutils. Please review the referenced CVE identifiers for details.
A remote attacker, by enticing a user to compile/execute a specially crafted ELF, tekhex, PE, or binary file, could possibly cause a Denial of Service condition.
There are no known workarounds at this time.
All Binutils users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=sys-devel/binutils-2.29.1-r1"

OptiPNG is a PNG optimizer that re-compresses image files to a smaller size, without losing any information.
Multiple vulnerabilities have been discovered in OptiPNG. Please review the referenced CVE identifiers for details.
A remote attacker could entice a user to process a specially crafted image file, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.
There is no known workaround at this time.
All OptiPNG users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=media-gfx/optipng-0.7.6-r2"

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
Google Chrome is one fast, simple, and secure browser for all your devices.
Multiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the CVE identifiers referenced below for details.
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, bypass content security controls, or conduct URL spoofing.
There are no known workarounds at this time.
All Chromium users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=www-client/chromium-63.0.3239.108"

All Google Chrome users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=www-client/google-chrome-63.0.3239.108"

X.Org X11 libXcursor runtime library.
It was discovered that libXcursor is prone to several heap overflows when parsing malicious files.
A remote attacker, by enticing a user to process a specially crafted cursor file, could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition.
There is no known workaround at this time.
All libXcursor users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=x11-libs/libXcursor-1.1.15"

OpenSSH is a complete SSH protocol implementation that includes SFTP client and server support.
The process_open function in sftp-server.c in OpenSSH did not properly prevent write operations in readonly mode.
A remote attacker could cause the creation of zero-length files.
There is no known workaround at this time.
All OpenSSH users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=net-misc/openssh-7.5_p1-r3"

A simple backup tool for Linux, inspired by “flyback project”.
‘Back In Time’ did not properly escape or quote file paths used as arguments to the ‘notify-send’ command, so parts of a file path could be executed as shell commands within an os.system call.
A context-dependent attacker could execute arbitrary shell commands via a specially crafted file.
There is no known workaround at this time.
All ‘Back In Time’ users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-backup/backintime-1.1.24"

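The quoting flaw described in the 'Back In Time' advisory, shown next to two hardened forms. This is an added example, not code from Back In Time or from the advisory; `echo` stands in for `notify-send` so it runs offline, and the function names, message text and file name are constructed for illustration.

```python
import shlex
import subprocess

# Assumption: "echo" stands in for notify-send so the example needs no desktop.
NOTIFIER = "echo"

# Constructed file name: legal on Linux, but meaningful to a shell.
CRAFTED_NAME = "report $(echo INJECTED).txt"


def _run(cmd, shell):
    done = subprocess.run(cmd, shell=shell, capture_output=True, text=True)
    return done.stdout.strip()


def notify_vulnerable(path):
    """Flawed pattern: the path is pasted into a command string.

    os.system() hands such a string to /bin/sh -c, as shell=True does here.
    Double quotes do not stop the shell expanding $(...) or backticks.
    """
    return _run('%s "Backup finished: %s"' % (NOTIFIER, path), shell=True)


def notify_safe(path):
    """Preferred fix: argv list and no shell; the path is one opaque argument."""
    return _run([NOTIFIER, "Backup finished: %s" % path], shell=False)


def notify_quoted(path):
    """Fallback when a shell string is unavoidable: quote with shlex.quote()."""
    message = shlex.quote("Backup finished: %s" % path)
    return _run("%s %s" % (NOTIFIER, message), shell=True)


if __name__ == "__main__":
    for fn in (notify_vulnerable, notify_safe, notify_quoted):
        print("%-18s %s" % (fn.__name__, fn(CRAFTED_NAME)))
```

Only the first function lets the shell rewrite the file name; the other two pass it through byte for byte.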
GNU Emacs is a highly extensible and customizable text editor.
A command injection flaw within the Emacs “enriched mode” handling has been discovered.
A remote attacker, by enticing a user to open a specially crafted file, could execute arbitrary commands with the privileges of the process.
There is no known workaround at this time.
All GNU Emacs 23.x users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-editors/emacs-23.4-r16:23"

All GNU Emacs 24.x users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-editors/emacs-24.5-r4:24"

All GNU Emacs 25.x users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-editors/emacs-25.2-r1:25"

MiniUPnPc is the client library that enables applications to access the services provided by a UPnP “Internet Gateway Device” present on the network.
An exploitable buffer overflow vulnerability exists in the XML parser functionality of the MiniUPnP library.
A remote attacker, by enticing a user to connect to a malicious server, could cause the execution of arbitrary code with the privileges of the user running a MiniUPnPc linked application.
There is no known workaround at this time.
All MiniUPnPc users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=net-libs/miniupnpc-2.0.20170509"

WebKitGTK+ is a full-featured port of the WebKit rendering engine.
Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details.
An attacker, by enticing a user to visit maliciously crafted web content, may be able to execute arbitrary code or cause memory corruption.
There are no known workarounds at this time.
All WebKitGTK+ users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.18.4:4"

X.Org Xfont library.
It was discovered that libXfont incorrectly followed symlinks when opening font files.
A local unprivileged user could use this flaw to cause the X server to access arbitrary files, including special device files.
There is no known workaround at this time.
All libXfont users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=x11-libs/libXfont-1.5.4"

All libXfont2 users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=x11-libs/libXfont2-2.0.3"

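One way a privileged process can open a user-supplied font path without following a symlink or touching a special file, as the libXfont advisory describes. This is an added example, not the libXfont patch; it is written in Python for consistency with the other example on this page, the flags map one-to-one onto open(2), and the function names and file names are constructed.

```python
import os
import stat
import tempfile


def open_font_file(path):
    """Open path read-only, refusing symlinks and anything but a regular file."""
    # O_NOFOLLOW: fail if the final path component is a symlink.
    # O_NONBLOCK: do not hang if the name turns out to be a FIFO or a device.
    flags = os.O_RDONLY | os.O_NOFOLLOW | os.O_NONBLOCK | os.O_CLOEXEC
    fd = os.open(path, flags)
    try:
        # fstat() inspects the object actually opened, not the name, so a
        # swap between a separate check and the open cannot change the result.
        if not stat.S_ISREG(os.fstat(fd).st_mode):
            raise PermissionError("not a regular file: %r" % path)
    except Exception:
        os.close(fd)
        raise
    return fd


def demo():
    """Try a regular file, a symlink and a FIFO; return which ones opened."""
    opened = {}
    with tempfile.TemporaryDirectory() as d:
        regular = os.path.join(d, "fixed.pcf")
        with open(regular, "wb") as f:
            f.write(b"constructed font bytes")
        symlink = os.path.join(d, "link.pcf")
        os.symlink("/dev/null", symlink)   # points at a special device file
        fifo = os.path.join(d, "pipe.pcf")
        os.mkfifo(fifo)
        cases = (("regular", regular), ("symlink", symlink), ("fifo", fifo))
        for name, path in cases:
            try:
                os.close(open_font_file(path))
                opened[name] = True
            except OSError:                # includes PermissionError
                opened[name] = False
    return opened


if __name__ == "__main__":
    print(demo())
```

O_NOFOLLOW only guards the last path component; symlinks in parent directories are still resolved.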