JasPer is a software-based implementation of the codec specified in the JPEG-2000 Part-1 standard.
Multiple vulnerabilities have been discovered in JasPer. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
JasPer is no longer maintained upstream and contains many vulnerabilities which remain unaddressed. Gentoo users are advised to unmerge this package.

    # emerge --unmerge media-libs/jasper

Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache and message broker.
Multiple vulnerabilities have been discovered in Redis. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All Redis users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-db/redis-4.0.14"

LibVNCServer/LibVNCClient are cross-platform C libraries that allow you to easily implement VNC server or client functionality in your program.
Multiple vulnerabilities have been discovered in LibVNCServer. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All LibVNCServer users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-libs/libvncserver-0.9.12"

glibc is a package that contains the GNU C library.
Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All glibc users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=sys-libs/glibc-2.28-r4"

Provides an advanced configuration system.
A vulnerability was discovered in KDE KConfig’s handling of .desktop and .directory files.
An attacker could entice a user to execute a specially crafted .desktop or .directory file possibly resulting in execution of arbitrary code with the privileges of the process.
There is no known workaround at this time.
All KConfig users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=kde-frameworks/kconfig-5.60.0-r1"

CUPS, the Common Unix Printing System, is a full-featured print server.
Multiple vulnerabilities have been discovered in CUPS. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All CUPS users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-print/cups-2.2.8"

SQLite is a C library that implements an SQL database engine.
Multiple vulnerabilities have been discovered in SQLite. Please review the CVE identifiers referenced below for details.
A remote attacker could, by executing arbitrary SQL statements against a vulnerable host, execute arbitrary code.
There is no known workaround at this time.
All SQLite users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-db/sqlite-3.28.0"

Java Platform, Standard Edition (Java SE) lets you develop and deploy Java applications on desktops and servers, as well as in today’s demanding embedded environments. Java offers the rich user interface, performance, versatility, portability, and security that today’s applications require.
Multiple vulnerabilities have been discovered in Oracle’s JDK and JRE software suites. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All Oracle JDK bin users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-java/oracle-jdk-bin-1.8.0.202:1.8"

All Oracle JRE bin users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-java/oracle-jre-bin-1.8.0.202:1.8"

libarchive is a library for manipulating different streaming archive formats, including certain tar variants, several cpio formats, and both BSD and GNU ar variants.
Multiple vulnerabilities have been discovered in libarchive. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All libarchive users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-arch/libarchive-3.3.3"

Mozilla Firefox is a popular open-source web browser from the Mozilla Project.
Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details.
A remote attacker could entice a user to view a specially crafted web page, possibly resulting in the execution of arbitrary code with the privileges of the process or a Denial of Service condition.
There is no known workaround at this time.
All Mozilla Firefox users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/firefox-60.8.0"

All Mozilla Firefox binary users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-60.8.0"

LibreOffice is a powerful office suite; its clean interface and powerful tools let you unleash your creativity and grow your productivity.
Multiple vulnerabilities have been discovered in LibreOffice. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All LibreOffice users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-office/libreoffice-6.2.5.2"

All LibreOffice binary users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-office/libreoffice-bin-6.2.5.2"

polkit is a toolkit for managing policies relating to unprivileged processes communicating with privileged processes.
Multiple vulnerabilities have been discovered in polkit. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All polkit users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=sys-auth/polkit-0.115-r2"

ZNC is an advanced IRC bouncer.
It was discovered that ZNC’s “Modules.cpp” allows remote authenticated non-admin users to escalate privileges.
A remote authenticated attacker could escalate privileges and subsequently execute arbitrary code or conduct a Denial of Service attack.
There is no known workaround at this time.
All ZNC users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-irc/znc-1.7.4_rc1"

ProFTPD is an advanced and very configurable FTP server.
It was discovered that ProFTPD’s “mod_copy” module does not properly restrict privileges for anonymous users.
A remote attacker, by anonymously uploading a malicious file, could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition or disclose information.
There is no known workaround at this time.
All ProFTPD users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-ftp/proftpd-1.3.6-r5"

Looks like an embeddable networking library but acts like a concurrency framework.
A buffer overflow was discovered in ZeroMQ.
An attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition.
There is no known workaround at this time.
All ZeroMQ users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-libs/zeromq-4.3.2"

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
Google Chrome is one fast, simple, and secure browser for all your devices.
Multiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the referenced CVE identifiers and Google Chrome Releases for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All Chromium users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/chromium-76.0.3809.100"

All Google Chrome users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/google-chrome-76.0.3809.100"

GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the most widely-used Internet protocols.
A buffer overflow was discovered in GNU’s Wget.
An attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition.
There is no known workaround at this time.
All GNU Wget users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-misc/wget-1.20.3"

Mozilla Thunderbird is a popular open-source email client from the Mozilla project.
Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All Mozilla Thunderbird users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-60.8.0"

All Mozilla Thunderbird binary users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-bin-60.8.0"

The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites.
Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details.
A remote attacker could possibly execute arbitrary code with the privileges of the process or bypass security restrictions.
There is no known workaround at this time.
All Adobe Flash Player users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-plugins/adobe-flash-32.0.0.207"

Patch takes a patch file containing a difference listing produced by the diff program and applies those differences to one or more original files, producing patched versions.
Multiple vulnerabilities have been discovered in Patch. Please review the CVE identifiers referenced below for details.
A local attacker could pass a specially crafted diff file to Patch, possibly resulting in a Denial of Service condition or arbitrary code execution.
There is no known workaround at this time.
All Patch users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=sys-devel/patch-2.7.6-r4"

VLC is a cross-platform media player and streaming server.
Multiple vulnerabilities have been discovered in VLC. Please review the CVE identifiers referenced below for details.
Remote attackers, by enticing a user to execute a specially crafted media file, could cause a Denial of Service condition or possibly execute arbitrary code.
There is no known workaround at this time.
All VLC users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-video/vlc-3.0.7"

MariaDB is an enhanced, drop-in replacement for MySQL. MySQL is a popular multi-threaded, multi-user SQL server.
Multiple vulnerabilities have been discovered in MariaDB and MySQL. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All MariaDB 10.1.x users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-db/mariadb-10.1.38-r1"

All MariaDB 10.2.x users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-db/mariadb-10.2.22"

All MySQL 5.6.x users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-db/mysql-5.6.42"

All MySQL 5.7.x users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-db/mysql-5.7.24"

wpa_supplicant is a WPA Supplicant with support for WPA and WPA2 (IEEE 802.11i / RSN).
hostapd is a user space daemon for access point and authentication servers.
A vulnerability was discovered in hostapd’s and wpa_supplicant’s eap_server/eap_server_pwd.c and eap_peer/eap_pwd.c files.
An attacker could cause a possible Denial of Service condition.
There is no known workaround at this time.
All hostapd users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-wireless/hostapd-2.8"

All wpa_supplicant users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-wireless/wpa_supplicant-2.8"