The Apache HTTP server is one of the most popular web servers on the Internet.
+Multiple vulnerabilities have been discovered in Apache HTTPD. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All Apache HTTPD users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=www-servers/apache-2.4.56"
+
+ Wireshark is a versatile network protocol analyzer.
+Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All Wireshark users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-4.0.6"
+
+ Ghostscript is an interpreter for the PostScript language and for PDF.
+Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All GPL Ghostscript users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-text/ghostscript-gpl-10.01.2"
+
+ RAR and UnRAR provide command line interfaces for compressing and decompressing RAR files.
+Due to an error in the validation of symbolic links within archives, RAR and UnRAR can potentially write files to a directory which is outside of the intended unpack directory.
+If the user running RAR or UnRAR extracts a malicious archive, the archive could overwrite a file such as the user's shell initialization scripts, potentially resulting in arbitrary code execution in the context of that user.
+There is no known workaround at this time.
+All RAR users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-arch/rar-6.23"
+
+
+ All UnRAR users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-arch/unrar-6.2.10"
+
+ WebP is an image format employing both lossy and lossless compression.
+Multiple vulnerabilities have been discovered in WebP. Please review the CVE identifiers referenced below for details.
+Please review the CVE identifiers referenced below for details.
+There is no known workaround at this time.
+All WebP users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-libs/libwebp-1.3.1_p20230908"
+
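Review bot: The impact line of the WebP advisory repeats the description's sentence verbatim ("Please review the CVE identifiers referenced below for details."), while the other advisories in this change use "Please review the referenced CVE identifiers for details." there. Align the wording with the others, or better, state the actual impact class so that the two fields are not duplicates.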
+ Samba is a suite of SMB and CIFS client/server programs.
+Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All Samba users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-fs/samba-4.18.4"
+
+ Binwalk is a tool for identifying files embedded inside firmware images.
+Multiple vulnerabilities have been discovered in Binwalk. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All Binwalk users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-misc/binwalk-2.3.4"
+
+ Requests is an HTTP library for human beings.
+Requests is vulnerable to potentially leaking Proxy-Authorization headers to destination servers, specifically during redirects to an HTTPS origin with authentication credentials encoded into the URL.
+Users' proxy authentication secrets could be disclosed to parties beyond the used HTTP proxy server.
+There is no known workaround at this time.
+All Requests users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-python/requests-2.31.0"
+
+ Pacemaker is an Open Source, High Availability resource manager suitable for both small and large clusters.
+Multiple vulnerabilities have been discovered in Pacemaker. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All Pacemaker users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=sys-cluster/pacemaker-2.0.5_rc2"
+
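Review bot: The resolution atom in the Pacemaker advisory, ">=sys-cluster/pacemaker-2.0.5_rc2", names a release candidate as the first unaffected version. Please confirm that the _rc2 ebuild is really the lowest fixed version users should be directed to, and, if a final 2.0.5 or later release carries the fix, consider naming that instead.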
+ Smart and user-friendly command line shell for macOS, Linux, and the rest of the family. It includes features like syntax highlighting, autosuggest-as-you-type, and fancy tab completions that just work, with no configuration required.
+A vulnerability have been discovered in Fish. Please review the CVE identifiers referenced below for details.
+A user may be enticed to cd into a git repository under control by an attacker (e.g. on a shared filesystem or by unpacking an archive) and execute arbitrary commands.
+There is no known workaround at this time.
+All fish users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-shells/fish-3.4.0"
+
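Review bot: The description line of the fish advisory has a subject-verb disagreement ("A vulnerability have been discovered" should be "has been") and capitalizes the name as "Fish" where the resolution line uses "fish". The background sentence also never names the package; start it with "fish is a smart and user-friendly command line shell ..." so the entry reads like the others. In the impact line, "under control by an attacker" would read better as "under the control of an attacker".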
+ libsndfile is a C library for reading and writing files containing sampled sound.
+Multiple vulnerabilities have been discovered in libsndfile. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All libsndfile users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-libs/libsndfile-1.1.0"
+
+ sudo allows a system administrator to give users the ability to run commands as other users.
+Multiple vulnerabilities have been discovered in sudo. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All sudo users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-admin/sudo-1.9.13_p2"
+
+ The GNU Multiple Precision Arithmetic Library is a library forarbitrary-precision arithmetic on different types of numbers.
+There is an integer overflow leading to a buffer overflow when processing untrusted input via GMP's mpz_inp_raw function.
+Untrusted input can cause a denial of service via segmentation fault.
+Users can ensure no untrusted input is passed into GMP's mpz_inp_raw function.
+All GMP users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-libs/gmp-6.2.1-r2"
+
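Review bot: The background line of the GMP advisory has a missing space in "forarbitrary-precision"; it should read "a library for arbitrary-precision arithmetic". The workaround sentence would also be clearer as an instruction, for example "Ensure that no untrusted input is passed to GMP's mpz_inp_raw function."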
+ libarchive is a library for manipulating different streaming archive formats, including certain tar variants, several cpio formats, and both BSD and GNU ar variants.
+Multiple vulnerabilities have been discovered in libarchive. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All libarchive users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-arch/libarchive-3.7.1"
+
+ The GNU Binutils are a collection of tools to create, modify and analyse binary files. Many of the files use BFD, the Binary File Descriptor library, to do low-level manipulation.
+Multiple vulnerabilities have been discovered in GNU Binutils. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All GNU Binutils users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=sys-devel/binutils-2.40"
+
+ wpa_supplicant is a WPA Supplicant with support for WPA and WPA2 (IEEE 802.11i / RSN). hostapd is a user space daemon for access point and authentication servers.
+Multiple vulnerabilities have been discovered in hostapd and wpa_supplicant. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All wpa_supplicant users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-wireless/wpa_supplicant-2.10"
+
+
+ All hostapd users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-wireless/hostapd-2.10"
+
+ Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. + +Google Chrome is one fast, simple, and secure browser for all your devices. + +Microsoft Edge is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier.
+Multiple vulnerabilities have been discovered in Chromium and its derivatives. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All Chromium users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=www-client/chromium-113.0.5672.126"
+
+
+ All Google Chrome users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=www-client/google-chrome-113.0.5672.126"
+
+
+ All Microsoft Edge users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=www-client/microsoft-edge-113.0.1774.50"
+
+
+ Gentoo has discontinued support for www-client/chromium-bin. Users should unmerge it in favor of the above alternatives:
+ +
+ # emerge --ask --depclean --verbose "www-client/chromium-bin"
+
+