ImageMagick is a collection of tools and libraries for many image + formats. +
+Multiple vulnerabilities have been discovered in ImageMagick. Please + review the CVE identifiers referenced below for details. +
+A remote attacker could possibly execute arbitrary code with the + privileges of the process or cause a Denial of Service condition. +
+There is no known workaround at this time.
+All ImageMagick users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-gfx/imagemagick-6.9.6.2"
+
+ PHP is a widely-used general-purpose scripting language that is + especially suited for Web development and can be embedded into HTML. +
+Multiple vulnerabilities have been discovered in PHP. Please review the + CVE identifiers referenced below for details. +
+An attacker can possibly execute arbitrary code or create a Denial of + Service condition. +
+There is no known workaround at this time.
+All PHP users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev=lang/php-5.6.28"
+
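Review bot: the package atom in the PHP resolution command is malformed: ">=dev=lang/php-5.6.28" has "=" where the category name needs "-", so emerge will reject it as an invalid atom. It should read ">=dev-lang/php-5.6.28".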
+ The GNU Privacy Guard, GnuPG, is a free replacement for the PGP suite of + cryptographic software. +
+A long standing bug (since 1998) in Libgcrypt (see “GLSA 201610-04” + below) and GnuPG allows an attacker to predict the output from the + standard RNG. Please review the “Entropy Loss and Output Predictability + in the Libgcrypt PRNG” paper below for a deep technical analysis. +
+An attacker who obtains 580 bytes of the random number from the standard + RNG can trivially predict the next 20 bytes of output. +
+ +This flaw does not affect the default generation of keys, because + running gpg for key creation creates at most 2 keys from the pool. For a + single 4096 bit RSA key, 512 bytes of random are required and thus for + the second key (encryption subkey), 20 bytes could be predicted from the + the first key. +
+ +However, the security of an OpenPGP key depends on the primary key + (which was generated first) and thus the 20 predictable bytes should not + be a problem. For the default key length of 2048 bit nothing will be + predictable. +
+There is no known workaround at this time.
+All GnuPG 1 users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-crypt/gnupg-1.4.21"
+
+
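Review bot: the paragraph beginning "This flaw does not affect the default generation of keys" ends with a doubled word, "from the the first key"; drop one "the". In the same sentence "512 bytes of random are required" is missing a noun; "512 bytes of random data" reads cleanly.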
+ DavFS2 is a file system driver that allows you to mount a WebDAV server + as a local disk drive. +
+DavFS2 installs “/usr/sbin/mount.davfs” as setuid root. This utility + uses “system()” to call “/sbin/modprobe”. +
+ +While the call to “modprobe” itself cannot be manipulated, a local + authenticated user can set the “MODPROBE_OPTIONS” environment + variable to pass a user controlled path, allowing the loading of an + arbitrary kernel module. +
+A local user could gain root privileges.
+The system administrator should ensure that all modules the + “mount.davfs” utility tries to load are loaded upon system boot + before any local user can call the utility. +
+ +An additional defense measure can be implemented by enabling the Linux + kernel module signing feature. This assists in the prevention of + arbitrary modules being loaded. +
+All DavFS2 users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-fs/davfs2-1.5.2"
+
+ libsndfile is a C library for reading and writing files containing + sampled sound. +
+Multiple vulnerabilities have been discovered in libsndfile. Please + review the CVE identifiers referenced below for details. +
+A remote attacker could entice a user to open a specially crafted file, + possibly resulting in the execution of arbitrary code with the privileges + of the process, or cause a Denial of Service condition. +
+There is no known workaround at this time.
+All libsndfile users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-libs/libsndfile-1.0.26"
+
+ BusyBox is a set of tools for embedded systems and is a replacement for + GNU Coreutils. +
+Multiple vulnerabilities have been discovered in BusyBox. Please review + the CVE identifiers referenced below for details. +
+A remote attacker could possibly execute arbitrary code with the + privileges of the process, or cause a Denial of Service condition. +
+There is no known workaround at this time. However, on Gentoo, the + remote code execution vulnerability can be avoided if you don’t use + BusyBox’s udhcpc or build the package without the “ipv6” USE flag + enabled. +
+All BusyBox users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=sys-apps/busybox-1.24.2"
+
+
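Review bot: the BusyBox workaround paragraph contradicts itself: it opens with "There is no known workaround at this time" and then describes one for the remote code execution issue. Drop the first sentence or scope it to the remaining issues. The condition "if you don’t use BusyBox’s udhcpc or build the package without the “ipv6” USE flag enabled" can also be read as "don't build without ipv6"; wording such as "avoid udhcpc, or build the package with the ipv6 USE flag disabled" is unambiguous.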
+ Pygments is a generic syntax highlighter suitable for use in code + hosting, forums, wikis or other applications that need to prettify source + code. +
+A vulnerability in FontManager’s _get_nix_font_path function allows + shell metacharacters to be passed in a font name. +
+A remote attacker could possibly execute arbitrary code with the + privileges of the process. +
+There is no known workaround at this time.
+All Pygments users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-python/pygments-2.0.2-r1"
+
+ Nghttp2 is an implementation of HTTP/2 and its header compression + algorithm HPACK in C. +
+A heap-use-after-free vulnerability has been discovered in nghttp2. + Please review the CVE identifier referenced below for details. +
+The impact of the vulnerability is still unknown.
+There is no known workaround at this time.
+All nghttp2 users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-libs/nghttp2-1.6.0"
+
+ Debian package management system.
+Gentoo Linux developer, Hanno Böck, discovered an off-by-one error in + the dpkg-deb component of dpkg, the Debian package management system, + which triggers a stack-based buffer overflow. +
+An attacker could potentially execute arbitrary code if an user or an + automated system were tricked into processing a specially crafted Debian + binary package (.deb). +
+There is no known workaround at this time.
+All dpkg users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-arch/dpkg-1.17.26"
+
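Review bot: the dpkg background line "Debian package management system." is a sentence fragment that never names the package, unlike the background text of the other advisories; make it a full sentence about dpkg. In the impact paragraph, "if an user" should be "if a user".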
+ The LinuxCIFS utils are a collection of tools for managing Linux CIFS + Client Filesystems. +
+A stack-based buffer overflow was discovered in cifskey.c or cifscreds.c + in LinuxCIFS, as used in “pam_cifscreds.” +
+A remote attacker could exploit this vulnerability to cause an + unspecified impact. +
+Don’t use LinuxCIFS utils’ “cifscreds” PAM module. In Gentoo, + LinuxCIFS utils’ PAM support is disabled by default unless the + “pam” USE flag is enabled. +
+All LinuxCIFS utils users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-fs/cifs-utils-6.4"
+
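Review bot: in the cifs-utils description the closing quote swallows the sentence's full stop (“pam_cifscreds.”), which makes the module name look as if it ends in a dot; move the period outside the quotes. The same sentence locates the overflow "in cifskey.c or cifscreds.c"; say which file is affected, or "and" if both are.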
+ GD is a graphic library for fast image creation.
+Multiple vulnerabilities have been discovered in GD. Please review the + CVE identifiers referenced below for details. +
+A remote attacker could possibly execute arbitrary code with the + privileges of the process, or cause a Denial of Service condition. +
+There is no known workaround at this time.
+All gd users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-libs/gd-2.2.3"
+
+ libvirt is a C toolkit for manipulating virtual machines.
+Normally, only privileged users can coerce libvirt into creating or + opening existing files using the virStorageVol APIs; and such users + already have full privilege to create any domain XML. +
+ +But in the case of fine-grained ACLs, it is feasible that a user can be + granted storage_vol:create but not domain:write, and it violates + assumptions if such a user can abuse libvirt to access files outside of + the storage pool. +
+When fine-grained Access Control Lists (ACL) are in effect, an + authenticated local user with storage_vol:create permission but without + domain:write permission maybe able to create or access arbitrary files + outside of the storage pool. +
+Don’t make use of fine-grained Access Control Lists (ACL) in libvirt; + In Gentoo, libvirt’s ACL support is disable by default unless you + enable the “policykit” USE flag. +
+All libvirt users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-emulation/libvirt-1.2.21-r1"
+
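Review bot: two wording errors in the libvirt text need fixing: in the impact paragraph "maybe able to create or access" should be "may be able to", and in the workaround "ACL support is disable by default" should be "disabled by default". The workaround also joins two sentences with a semicolon followed by a capital ("in libvirt; In Gentoo"); use a full stop there.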
+ Chromium is an open-source browser project that aims to build a safer, + faster, and more stable way for all users to experience the web. +
+Multiple vulnerabilities have been discovered in the Chromium web + browser. Please review the CVE identifiers referenced below for details. +
+A remote attacker could possibly execute arbitrary code with the + privileges of the process, cause a Denial of Service condition, obtain + sensitive information, or bypass security restrictions. +
+There is no known workaround at this time.
+All Chromium users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose
+ ">=www-client/chromium-55.0.2883.75"
+
+
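Review bot: the Chromium resolution command is broken across two lines, with the atom ">=www-client/chromium-55.0.2883.75" on its own line and no continuation character, so a user who pastes it runs emerge without a target. Keep the command on one line as the other advisories do, or end the first line with a backslash.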