A library for manipulating FlashPIX images.
+A double free vulnerability has been discovered in the Free_All_Memory + function in jpeg/dectile.c. +
+A remote attacker could entice a user to open a specially crafted FPX + image using an application linked against libfpx, possibly resulting in a + Denial of Service condition. +
+There is no known workaround at this time.
+All libfpx users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-libs/libfpx-1.3.1_p6"
+
+
+ Packages which depend on this library may need to be recompiled. Tools + such as revdep-rebuild may assist in identifying these packages. +
+File transfer program to keep remote files into sync.
+Multiple vulnerabilities have been discovered in rsync. Please review + the CVE identifiers referenced below for details. +
+Remote attackers could write arbitrary files via symlink attacks.
+There is no known workaround at this time.
+All rsync users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-misc/rsync-3.1.2"
+
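Review bot: the rsync background line reads "File transfer program to keep remote files into sync."; "in sync" is the correct idiom. The description also announces multiple vulnerabilities while the impact sentence names only arbitrary file writes via symlink attacks, so either state that this is the common impact of all referenced CVEs or list the others.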
+ Linux-PAM (Pluggable Authentication Modules) is an architecture allowing + the separation of the development of privilege granting software from the + development of secure and appropriate authentication schemes. +
+Multiple vulnerabilities have been discovered in Linux-PAM. Please + review the CVE identifiers referenced below for details. +
+Remote attackers could cause Denial of Service, conduct brute force + attacks, and conduct username enumeration. +
+There is no known workaround at this time.
+All Linux-PAM users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=sys-libs/pam-1.2.1"
+
+
+ Mozilla Firefox is an open-source web browser, Mozilla Thunderbird an + open-source email client, and the Network Security Service (NSS) is a + library implementing security features like SSL v.2/v.3, TLS, PKCS #5, + PKCS #7, PKCS #11, PKCS #12, S/MIME and X.509 certificates. The + SeaMonkey project is a community effort to deliver production-quality + releases of code derived from the application formerly known as + ‘Mozilla Application Suite’. +
+Multiple vulnerabilities have been discovered in Firefox, NSS, NSPR, and + Thunderbird. Please review the CVE identifiers referenced below for + details. +
+A remote attacker could entice a user to view a specially crafted web + page or email, possibly resulting in execution of arbitrary code or a + Denial of Service condition. Furthermore, a remote attacker may be able + to perform Man-in-the-Middle attacks, obtain sensitive information, spoof + the address bar, conduct clickjacking attacks, bypass security + restrictions and protection mechanisms, or have other unspecified + impacts. +
+There is no known workaround at this time.
+All NSS users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-libs/nss-3.22.2"
+
+
+ All Thunderbird users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-38.7.0"
+
+
+ All users of the Thunderbird binary package should upgrade to the latest + version: +
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose
+ ">=mail-client/thunderbird-bin-38.7.0"
+
+
+ All Firefox 38.7.x users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=www-client/firefox-38.7.0"
+
+
+ All users of the Firefox 38.7.x binary package should upgrade to the + latest version: +
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-38.7.0"
+
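Review bot: the resolution steps in the Mozilla advisory do not cover everything its text names. The synopsis lists NSPR among the affected packages and the background introduces SeaMonkey, but there is no upgrade command for either; add the missing commands or drop the names from the text. The thunderbird-bin command is also split so that ">=mail-client/thunderbird-bin-38.7.0" sits on its own line with no trailing backslash on the line before it, so pasting the two lines as shown runs emerge without the atom. Keep the command on one line, as the other blocks do.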
+ PuTTY is a telnet and SSH client.
+Multiple vulnerabilities have been discovered in PuTTY. Please review + the CVE identifiers referenced below for details. +
+Stack-based buffer overflow in the SCP command-line utility allows + remote servers to execute arbitrary code or cause a denial of service + condition via a crafted SCP-SINK file-size response to an SCP download + request. +
+There is no known workaround at this time.
+All PuTTY users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-misc/putty-0.67"
+
+ Puppet Agent contains Puppet’s main code and all of the dependencies + needed to run it, including Facter, Hiera, and bundled versions of Ruby + and OpenSSL. +
+Multiple vulnerabilities have been discovered in Puppet Server and + Agent. Please review the CVE identifiers referenced below for details. +
+Remote attackers, impersonating a trusted broker, could potentially + execute arbitrary code. +
+There is no known workaround at this time.
+All Puppet Agent users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-admin/puppet-agent-1.4.2"
+
+
+ All Puppet Server users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-admin/puppetserver-2.3.2"
+
+ libjpeg-turbo is a MMX, SSE, and SSE2 SIMD accelerated JPEG library
+libjpeg-turbo does not check for certain duplications of component data + during the reading of segments that follow Start Of Scan (SOS) JPEG + markers. +
+Remote attackers could obtain sensitive information from uninitialized + memory locations via a crafted JPEG images. +
+There is no known workaround at this time.
+All libjpeg-turbo users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-libs/libjpeg-turbo-1.4.2"
+
+
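Review bot: the libjpeg-turbo impact sentence reads "via a crafted JPEG images", which mixes singular and plural. Use "a crafted JPEG image" or "crafted JPEG images".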
+ The GNU Privacy Guard, GnuPG, is a free replacement for the PGP suite of + cryptographic software. +
+Multiple vulnerabilities have been discovered in GnuPG and libgcrypt, + please review the CVE identifiers referenced below for details. +
+A local attacker could possibly cause a Denial of Service condition. + Side-channel attacks could be leveraged to obtain key material. +
+There is no known workaround at this time.
+All GnuPG 2 users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-crypt/gnupg-2.0.26-r3"
+
+
+ All GnuPG 1 users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-crypt/gnupg-1.4.19"
+
+
+ All libgcrypt users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-libs/libgcrypt-1.6.3-r4"
+
+
+ Provides a complete open source solution for remote access to virtual + machines in a seamless way so you can play videos, record audio, share + usb devices and share folders without complications. +
+Multiple vulnerabilities have been discovered in spice, please review + the CVE identifiers referenced below for details. +
+A remote attacker could possibly execute arbitrary code. Additionally, a + local attacker could cause a Denial of Service. +
+There is no known workaround at this time.
+All spice users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-emulation/spice-0.12.7-r1"
+
+ nginx is a robust, small, and high performance HTTP and reverse proxy + server. +
+Multiple vulnerabilities have been discovered in nginx. Please review + the CVE identifiers referenced below for details. +
+A remote attacker could possibly cause a Denial of Service condition via + a crafted packet. +
+There is no known workaround at this time.
+All nginx users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=www-servers/nginx-1.10.1"
+
+ A fully featured, yet light weight RFC2131 compliant DHCP client
+A heap overflow can be triggered via malformed DHCP responses in the + print_option (via dhcp_envoption1) due to incorrect option length values. + These vulnerabilities could also allow remote attackers to trigger an + invalid read/crash via malformed DHCP responses. +
+Remote attackers could possibly execute arbitrary code with the + privileges of the process or cause Denial of Service. +
+There is no known workaround at this time.
+All dhcpcd users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-misc/dhcpcd-6.10.0”
+
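Review bot: the closing quote on the dhcpcd emerge line is a typographic ” rather than an ASCII ", so the atom in ">=net-misc/dhcpcd-6.10.0” is left unterminated when the command is pasted into a shell. Replace it with a straight double quote. In the description, "in the print_option (via dhcp_envoption1)" is missing a noun; "in the print_option function" would match how the libfpx advisory names Free_All_Memory.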
+ The Adobe Flash Player is a renderer for the SWF file format, which is + commonly used to provide interactive websites. +
+Multiple vulnerabilities have been discovered in Adobe Flash Player. + Please review the CVE identifiers referenced below for details. +
+A remote attacker could possibly execute arbitrary code with the + privileges of the process, cause a Denial of Service condition, obtain + sensitive information, or bypass security restrictions. +
+There is no known workaround at this time.
+All Adobe Flash Player users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose "www-plugins/adobe-flash-11.2.202.626"
+
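Review bot: the atom on the Adobe Flash Player emerge line carries a version but no operator: "www-plugins/adobe-flash-11.2.202.626". Every other advisory in this change uses ">=", and Portage does not accept a versioned atom without an operator, so the command fails as written. Use ">=www-plugins/adobe-flash-11.2.202.626".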
+ FFmpeg is a complete, cross-platform solution to record, convert and + stream audio and video. +
+Multiple vulnerabilities have been discovered in FFmpeg. Please review + the CVE identifiers referenced below for details. +
+A remote attacker could possibly execute arbitrary code or cause a + Denial of Service condition. +
+There is no known workaround at this time.
+All FFmpeg users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-video/ffmpeg-2.8.6"
+
+ PHP is a widely-used general-purpose scripting language that is + especially suited for Web development and can be embedded into HTML. +
+Multiple vulnerabilities have been discovered in PHP. Please review the + CVE identifiers referenced below for details. +
+An attacker can possibly execute arbitrary code or create a Denial of + Service condition. +
+There is no known workaround at this time.
+All PHP 5.4 users should upgrade to the latest 5.5 stable branch, as PHP + 5.4 is now masked in Portage: +
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev=lang/php-5.5.33"
+
+
+ All PHP 5.5 users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev=lang/php-5.5.33"
+
+
+ All PHP 5.6 users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev=lang/php-5.6.19"
+
+
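Review bot: all three PHP emerge lines spell the category as dev=lang (">=dev=lang/php-5.5.33" twice and ">=dev=lang/php-5.6.19"), which is not a valid package atom; the category should be dev-lang. Since the 5.4 and 5.5 blocks intentionally carry the same target version, fix the typo in both so that users following either paragraph get a working command.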