GitPython is a Python library used to interact with Git repositories.
+Please review the CVE identifier referenced below for details.
+An attacker may be able to trigger Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments.
+There is no known workaround at this time.
+All GitPython users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-python/GitPython-3.1.30"
+
+ Netatalk is a kernel level implementation of the AppleTalk Protocol Suite, which allows Unix hosts to act as file, print, and time servers for Apple computers. It includes several script utilities, including etc2ps.sh.
+Multiple vulnerabilities have been discovered in Netatalk. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All Netatalk users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-fs/netatalk-3.1.18"
+
+ SQLite is a C library that implements an SQL database engine.
+Multiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All SQLite users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-db/sqlite-3.42.0"
+
+ Apache Zeppelin is a web-based notebook that enables data-driven, interactive data analytics and collaborative documents with SQL, Scala, Python, R and more.
+Multiple vulnerabilities have been discovered in Zeppelin. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All Zeppelin users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=www-apps/zeppelin-bin-0.10.1"
+
+ The LinuxCIFS utils are a collection of tools for managing Linux CIFS Client Filesystems.
+Multiple vulnerabilities have been discovered in LinuxCIFS utils. Please review the CVE identifiers referenced below for details.
+A stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. + +When verbose logging is enabled, invalid credentials file lines may be dumped to stderr. This may lead to information disclosure in particular conditions when the credentials file given is sensitive and contains '=' signs.
+There is no known workaround at this time.
+All LinuxCIFS utils users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-fs/cifs-utils-6.15"
+
+ multipath-tools are used to drive the Device Mapper multipathing driver.
+Multiple vulnerabilities have been discovered in multipath-tools. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All multipath-tools users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=sys-fs/multipath-tools-0.9.3"
+
+ AIDE (Advanced Intrusion Detection Environment) is a file and directory integrity checker. + +It creates a database from the regular expression rules that it finds from the config file(s). Once this database is initialized it can be used to verify the integrity of the files. It has several message digest algorithms (see below) that are used to check the integrity of the file. All of the usual file attributes can also be checked for inconsistencies.
+A vulnerability has been discovered in AIDE. Please review the CVE identifier referenced below for details.
+AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.
+There is no known workaround at this time.
+All AIDE users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-forensics/aide-0.17.4"
+
+ GNU libmicrohttpd is a small C library that makes it easy to run an HTTP server as part of another application. GNU Libmicrohttpd is free software and part of the GNU project.
+A buffer overflow vulnerability has been discovered in GNU Libmicrohttpd. Please review the CVE identifier referenced below for details.
+A missing bounds check in the post_process_urlencoded function leads to a buffer overflow, allowing a remote attacker to write arbitrary data in an application that uses libmicrohttpd. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
+There is no known workaround at this time.
+All GNU Libmicrohttpd users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">net-libs/libmicrohttpd-0.9.70"
+
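Review bot: the upgrade atom in the libmicrohttpd resolution is written as ">net-libs/libmicrohttpd-0.9.70", the only one in this set that uses ">" rather than ">=", so it names a version to move past instead of the first fixed version. If a specific fixed release is known, state it with ">=" as the other advisories do, so users can tell which version they need to reach; otherwise confirm that the strict ">" is intentional.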
+ Go is an open source programming language that makes it easy to build simple, reliable, and efficient software.
+Multiple vulnerabilities have been discovered in Go. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All Go users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-lang/go-1.20.10"
+ # emerge --ask --oneshot --verbose @golang-rebuild
+
+ RenderDoc is a free MIT licensed stand-alone graphics debugger that allows quick and easy single-frame capture and detailed introspection of any application using Vulkan, D3D11, OpenGL & OpenGL ES or D3D12 across Windows, Linux, Android, or Nintendo Switchâ„¢.
+Multiple vulnerabilities have been discovered in GRUB. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All RenderDoc users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-gfx/renderdoc-1.27"
+
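Review bot: the synopsis line of the RenderDoc advisory reads "Multiple vulnerabilities have been discovered in GRUB", which looks carried over from the GRUB advisory; the description and the resolution both concern media-gfx/renderdoc, so the sentence should name RenderDoc. The trademark sign after "Nintendo Switch" in the description also appears mis-encoded and is worth checking in the source file.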
+ QtWebEngine is a library for rendering dynamic web content in Qt5 and Qt6 C++ and QML applications.
+Multiple vulnerabilities have been discovered in QtWebEngine. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All QtWebEngine users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-qt/qtwebengine-5.15.10_p20230623"
+
+ MiniDLNA is a simple media server software, with the aim of being fully compliant with DLNA/UPnP-AV clients.
+Multiple vulnerabilities have been discovered in MiniDLNA. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All MiniDLNA users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-misc/minidlna-1.3.3"
+
+ Apptainer is the container system for secure high-performance computing.
+A vulnerability has been discovered in Apptainer. Please review the CVE identifier referenced below for details.
+There is an ext4 use-after-free flaw that is exploitable in vulnerable versions.
+There is no known workaround at this time.
+All Apptainer users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-containers/apptainer-1.1.8"
+
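Review bot: the impact text for Apptainer, "There is an ext4 use-after-free flaw that is exploitable in vulnerable versions", does not say how the flaw is reached through Apptainer or what an attacker gains from it. A sentence on the affected operation and the resulting impact would let administrators judge urgency without opening the CVE entry.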
+ GNU GRUB is a multiboot boot loader used by most Linux systems.
+Multiple vulnerabilities have been discovered in GRUB. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All GRUB users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=sys-boot/grub-2.06-r4"
+
+ LibreOffice is a powerful office suite; its clean interface and powerful tools let you unleash your creativity and grow your productivity.
+Multiple vulnerabilities have been discovered in LibreOffice. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All LibreOffice binary users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-office/libreoffice-bin-7.5.3.2"
+
+
+ All LibreOffice users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-office/libreoffice-7.5.3.2"
+
+ Open vSwitch is a production quality multilayer virtual switch.
+Multiple vulnerabilities have been discovered in Open vSwitch. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All Open vSwitch users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-misc/openvswitch-2.17.6"
+
+ phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the web.
+Multiple vulnerabilities have been discovered in phpMyAdmin. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All phpMyAdmin users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-db/phpmyadmin-5.2.0"
+
+ GLib is a library providing a number of GNOME's core objects and functions.
+Multiple vulnerabilities have been discovered in GLib. Please review the referenced CVEs for details.
+GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service. + +GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service. + +GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service.
+There is no known workaround at this time.
+All GLib users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-libs/glib-2.74.4"
+
+