Kodi is a free and open source media-center and entertainment hub + previously known as XBMC. +
+Kodi is vulnerable due to shipping with an embedded version of UnRAR. + Please review the referenced CVE identifier for details. +
+A remote attacker, by enticing a user to process a specifically crafted + RAR file, could execute arbitrary code. +
+There is no known workaround at this time.
+All Kodi users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-tv/kodi-17.3-r1"
+
+ The Adobe Flash Player is a renderer for the SWF file format, which is + commonly used to provide interactive websites. +
+A critical type confusion vulnerability was discovered in Adobe Flash + Player. +
+A remote attacker could execute arbitrary code.
+There is no known workaround at this time.
+All Adobe Flash Player users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose
+ ">=www-plugins/adobe-flash-27.0.0.170"
+
+ Go is an open source programming language that makes it easy to build + simple, reliable, and efficient software. +
+Multiple vulnerabilities have been discovered in Go. Please review the + references below for details. +
+Remote attackers could execute arbitrary Go commands or conduct a man in + the middle attack. +
+There is no known workaround at this time.
+All Go users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-lang/go-1.9.1"
+
+ Chromium is an open-source browser project that aims to build a safer, + faster, and more stable way for all users to experience the web. +
+ +Google Chrome is one fast, simple, and secure browser for all your + devices +
+Multiple vulnerabilities have been discovered in Chromium and Google + Chrome. Please review the referenced CVE identifiers and Google Chrome + Releases for details. +
+A remote attacker could possibly execute arbitrary code with the + privileges of the process, cause a Denial of Service condition, bypass + content security controls, or conduct URL spoofing. +
+There is no known workaround at this time.
+All Chromium users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose
+ ">=www-client/chromium-62.0.3202.62"
+
+
+ All Google Chrome users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose
+ ">=www-client/google-chrome-62.0.3202.62"
+
+ The PCRE Library provides functions for Perl-compatible regular + expressions. +
+Multiple vulnerabilities have been discovered in The PCRE Library. + Please review the references below for details. +
+ +A remote attacker could possibly cause a Denial of Service condition or + other unspecified impacts via a specially crafted file. +
+There is no known workaround at this time.
+All PCRE users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-libs/libpcre-8.41"
+
+
+ Packages which depend on this library may need to be recompiled. Tools + such as revdep-rebuild may assist in identifying some of these packages. +
+OpenJPEG is an open-source JPEG 2000 library.
+Multiple vulnerabilities have been discovered in OpenJPEG. Please review + the references below for details. +
+ +A remote attacker, via a crafted BMP, PDF, or j2k document, could + execute arbitrary code, cause a Denial of Service condition, or have + other unspecified impacts. +
+There is no known workaround at this time.
+All OpenJPEG users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-libs/openjpeg-2.3.0:2"
+
+ Dnsmasq is a lightweight and easily-configurable DNS forwarder and DHCP + server. +
+Multiple vulnerabilities have been discovered in Dnsmasq. Please review + the references below for details. +
+A remote attacker could execute arbitrary code or cause a Denial of + Service condition via crafted DNS, IPv6, or DHCPv6 packets. +
+There is no known workaround at this time.
+All Dnsmasq users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-dns/dnsmasq-2.78"
+
+