Exim is a message transfer agent (MTA) designed to be a a highly + configurable, drop-in replacement for sendmail. +
+A vulnerability was discovered in how Exim validates recipient addresses + in the deliver_message() function. +
+A remote attacker could execute arbitrary commands by sending an email + with a specially crafted recipient address to the affected system. +
+There is no known workaround at this time.
+All Exim users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=mail-mta/exim-4.92"
+
+ The GNU Binutils are a collection of tools to create, modify and analyse + binary files. Many of the files use BFD, the Binary File Descriptor + library, to do low-level manipulation. +
+Multiple vulnerabilities have been discovered in Binutils. Please review + the referenced CVE identifiers for details. +
+A remote attacker, by enticing a user to compile/execute a specially + crafted ELF, object, PE, or binary file, could possibly cause a Denial of + Service condition or have other unspecified impacts. +
+There is no known workaround at this time.
+All Binutils users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=sys-devel/binutils-2.32-r1"
+
+ libpng is a standard library used to process PNG (Portable Network + Graphics) images. It is used by several programs, including web browsers + and potentially server processes. +
+Multiple vulnerabilities have been discovered in libpng. Please review + the CVE identifiers referenced below for details. +
+A remote attacker, by enticing a user to process a specially crafted PNG + file, could cause a Denial of Service condition. +
+There is no known workaround at this time.
+All libpng users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-libs/libpng-1.6.37"
+
+
+