A library to support the Open Financial eXchange XML format
+Multiple vulnerabilities have been discovered in libofx. Please review + the CVE identifiers referenced below for details. +
+A remote attacker could entice a user to process a specially crafted + file using an application linked against libofx, possibly resulting in + execution of arbitrary code with the privileges of the process or a + Denial of Service condition. +
+There is no known workaround at this time.
+All libofx users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-libs/libofx-0.9.14"
+
+ Default file manager for the GNOME desktop
+A vulnerability was discovered in Nautilus which allows an attacker to + escape the sandbox. +
+A local attacker could possibly bypass sandbox protection.
+There is no known workaround at this time.
+All Nautilus users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=gnome-base/nautilus-3.30.5-r1"
+
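Review bot: "escape the sandbox" in the description does not say which sandbox is meant or what input triggers the escape, and the impact sentence only repeats it. Name the sandboxed component and the trigger so a reader can tell whether their setup is exposed.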
+ Library with common API for various GNOME modules.
+A vulnerability was discovered in the GNOME desktop library which allows + an attacker to escape the sandbox. +
+A local attacker could possibly bypass sandbox protection.
+There is no known workaround at this time.
+All GNOME desktop library users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose
+ ">=gnome-base/gnome-desktop-3.30.2.3"
+
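Review bot: The upgrade command is broken across two lines, with the atom ">=gnome-base/gnome-desktop-3.30.2.3" on a line of its own and no continuation. Pasted as shown, the first line runs emerge without a package atom. Keep the atom on the same line as the emerge options, as the other entries do.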
+ Dovecot is an open source IMAP and POP3 email server.
+Multiple vulnerabilities have been discovered in Dovecot. Please review + the CVE identifiers referenced below for details. +
+An unauthenticated remote attacker could send a specially crafted mail + or use crafted IMAP commands possibly resulting in the execution of + arbitrary code with the privileges of the process or a Denial of Service + condition. +
+There is no known workaround at this time.
+All Dovecot users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-mail/dovecot-2.3.7.2"
+
+ Perl is a highly capable, feature-rich programming language.
+Multiple vulnerabilities have been discovered in Perl. Please review the + CVE identifiers referenced below for details. +
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All Perl users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-lang/perl-5.28.2"
+
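Review bot: The impact sentence, "Please review the referenced CVE identifiers for details.", only repeats the pointer already given in the description, so the entry never states what an attacker gains. Summarize the worst case from the referenced CVEs here, stating whether it is code execution or a Denial of Service and whether it is reachable remotely.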
+ VLC is a cross-platform media player and streaming server.
+Multiple vulnerabilities have been discovered in VLC. Please review the + CVE identifiers referenced below for details. +
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All VLC users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-video/vlc-3.0.8"
+
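Review bot: The impact sentence for VLC is the placeholder "Please review the referenced CVE identifiers for details." rather than an impact statement. Say what kind of input has to be processed and what the outcome is, in the form the libofx and Pango entries use.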
+ Pango is a library for layout and rendering of internationalized text.
+A buffer overflow has been discovered in Pango’s + pango_log2vis_get_embedding_levels function. +
+A remote attacker could entice a user to process a specially crafted + string with functions like pango_itemize, possibly resulting in execution + of arbitrary code with the privileges of the process or a Denial of + Service condition. +
+There is no known workaround at this time.
+All Pango users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=x11-libs/pango-1.42.4-r2"
+
+ The Apache HTTP server is one of the most popular web servers on the + Internet. +
+Multiple vulnerabilities have been discovered in Apache. Please review + the CVE identifiers referenced below for details. +
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All Apache users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=www-servers/apache-2.4.41"
+
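Review bot: The Apache impact sentence is a pointer to the CVE list, not an impact. For a network-facing server the entry should state who can reach the flaws and what the worst outcome is, so that administrators can prioritize the upgrade from this text alone.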
+ WebKitGTK+ is a full-featured port of the WebKit rendering engine, + suitable for projects requiring any kind of web integration, from hybrid + HTML/CSS applications to full-fledged web browsers. +
+Multiple vulnerabilities have been discovered in WebkitGTK+. Please + review the CVE identifiers referenced below for details. +
+An attacker, by enticing a user to visit maliciously crafted web + content, may be able to execute arbitrary code or cause memory + corruption. +
+There is no known workaround at this time.
+All WebkitGTK+ users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.24.4"
+
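Review bot: The product name is spelled "WebKitGTK+" in the opening line but "WebkitGTK+" in the description and in the upgrade sentence. Use one spelling throughout, matching the opening line.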
+ Exim is a message transfer agent (MTA) designed to be a a highly + configurable, drop-in replacement for sendmail. +
+Multiple vulnerabilities have been discovered in Exim. Please review the + CVE identifiers referenced below for details. +
+A remote attacker, by connecting to the SMTP listener daemon, could + possibly execute arbitrary code with the privileges of the process or + cause a Denial of Service condition. +
+There is no known workaround at this time.
+All Exim users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=mail-mta/exim-4.92.2"
+
+
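Review bot: The opening sentence has a doubled article, "designed to be a a highly configurable". Drop one "a".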
+ Simple DirectMedia Layer is a cross-platform development library + designed to provide low level access to audio, keyboard, mouse, joystick, + and graphics hardware via OpenGL and Direct3D. +
+Multiple vulnerabilities have been discovered in Simple DirectMedia + Layer. Please review the CVE identifiers referenced below for details. +
+A remote attacker could entice a user to process a specially crafted + audio or video, possibly resulting in execution of arbitrary code with + the privileges of the process or a Denial of Service condition. +
+There is no known workaround at this time.
+All Simple DirectMedia Layer users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-libs/libsdl2-2.0.10"
+
+
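Review bot: In the impact sentence, "a specially crafted audio or video" is missing its noun. "audio or video file" reads correctly and matches the "specially crafted file" wording of the libofx entry.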
+ D-Bus is a message bus system which processes can use to talk to each + other. +
+It was discovered that a local attacker could manipulate symbolic links + in their own home directory to bypass authentication and connect to a + DBusServer with elevated privileges. +
+A local attacker can bypass authentication mechanisms and elevate + privileges. +
+There is no known workaround at this time.
+All D-Bus users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=sys-apps/dbus-1.12.16"
+
+