LibTIFF provides support for reading and manipulating TIFF (Tagged Image File Format) images.
+Multiple vulnerabilities have been discovered in LibTIFF. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All LibTIFF users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-libs/tiff-4.4.0"
+
+ schroot is a utility to execute commands in a chroot environment.
+schroot is unecessarily permissive in rules regarding chroot and session names.
+A crafted chroot or session name can break the internal state of the schroot service, leading to denial of service.
+There is no known workaround at this time.
+All schroot users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-util/schroot-1.6.13"
+
+ Lighttpd is a lightweight high-performance web server.
+Lighttpd's mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received.
+An attacker can trigger a denial of service via making Lighttpd try to call an uninitialized function pointer.
+There is no known workaround at this time.
+All lighttpd users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=www-servers/lighttpd-1.4.67"
+
+ libgcrypt is a general purpose cryptographic library derived out of GnuPG.
+Multiple vulnerabilities have been discovered in libgcrypt. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All libgcrypt users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-libs/libgcrypt-1.9.4"
+
+ Gitea is a painless self-hosted Git service.
+Multiple vulnerabilities have been discovered in Gitea. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All Gitea users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=www-apps/gitea-1.17.3"
+
+ GDAL is a geospatial data abstraction library.
+GDAL does not sufficiently sanitize input when loading PCIDSK binary segments.
+Loading crafted PCIDSK data via GDAL could result in denial of service.
+There is no known workaround at this time.
+All GDAL users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=sci-libs/gdal-3.4.1"
+
+ Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. + +Google Chrome is one fast, simple, and secure browser for all your devices. + +Microsoft Edge is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier.
+Multiple vulnerabilities have been discovered in Chromium, Google Chrome, and Microsoft Edge. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All Chromium users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=www-client/chromium-106.0.5249.119"
+
+
+ All Chromium binary users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=www-client/chromium-bin-106.0.5249.119"
+
+
+ All Google Chrome users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=www-client/google-chrome-106.0.5249.119"
+
+
+ All Microsoft Edge users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=www-client/microsoft-edge-106.0.1370.37"
+
+ JHead is an EXIF JPEG header manipulation tool.
+Multiple vulnerabilities have been discovered in JHead. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All JHead users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-gfx/jhead-3.06.0.1"
+
+ Sofia-SIP is an RFC3261 compliant SIP User-Agent library.
+Multiple vulnerabilities have been discovered in Sofia-SIP. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All Sofia-SIP users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-libs/sofia-sip-1.13.8"
+
+ Apptainer is the container system for secure high-performance computing.
+The Go module "sif" version 2.8.0 and older, which is a statically linked dependency of Apptainer, does not verify that the hash algorithm(s) used are cryptographically secure when verifying digital signatures.
+An image whose verification relies on a cryptographically insecure hash algorithm could be replaced, resulting in users using an image other than the one that was expected.
+There is no known workaround at this time.
+All Apptainer users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-containers/apptainer-1.1.2"
+
+ Nicotine+ is a fork of nicotine, a Soulseek client in Python.
+Nicotine+ does not sufficiently validate file path in download requests.
+A file path in a download request which contains a null character will cause a crash of Nicotine+.
+There is no known workaround at this time.
+All Nicotine+ users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-p2p/nicotine+-3.2.1"
+
+ FasterXML jackson-databind is a general data-binding package for Jackson (2.x) which works on streaming API (core) implementation(s).
+Multiple vulnerabilities have been discovered in FasterXML jackson-databind. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All FasterXML jackson-databind users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-java/jackson-databind-2.13.4.1"
+
+ The Red Hat Package Manager (RPM) is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating computer software packages.
+Multiple vulnerabilities have been discovered in RPM. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All RPM users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-arch/rpm-4.18.0"
+
+ Libksba is a X.509 and CMS (PKCS#7) library.
+An integer overflow in parsing ASN.1 objects could lead to a buffer overflow.
+Crafted ASN.1 objects could trigger an integer overflow and buffer overflow to result in remote code execution.
+There is no known workaround at this time.
+All libksba users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-libs/libksba-1.6.2"
+
+ FreeRDP is a free implementation of the remote desktop protocol.
+Multiple vulnerabilities have been discovered in FreeRDP. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All FreeRDP users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-misc/freerdp-2.8.1"
+
+ ISC BIND is the Internet Systems Consortium implementation of the Domain Name System (DNS) protocol.
+Multiple vulnerabilities have been discovered in ISC BIND. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All ISC BIND users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-dns/bind-9.16.33"
+
+
+ All ISC BIND-tools users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-dns/bind-tools-9.16.33"
+
+ Shadow contains utilities to deal with user accounts
+A TOCTOU race condition was discovered in shadow. A local attacker with write privileges in a directory removed or copied by usermod/userdel could potentially exploit this flaw when the administrator invokes usermod/userdel.
+An unauthorized user could potentially modify files which they do not have write permissions for.
+There is no known workaround at this time.
+All Shadow users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=sys-apps/shadow-4.12.2"
+
+ open-vm-tools contains tools for VMware guests.
+A pipe accessible to unprivileged users in the VMWare guest does not sufficiently sanitize input.
+An unprivileged guest user could achieve root privileges within the guest.
+There is no known workaround at this time.
+All open-vm-tools users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-emulation/open-vm-tools-12.1.0"
+
+ libexif is a library for parsing, editing and saving Exif metadata from images. exif is a small command line interface for libexif.
+There is a bug in exif's XML output format which can result in a null pointer dereference when outputting crafted JPEG EXIF data.
+A crafted JPEG image can trigger a denial of service in the form of a null pointer dereference.
+There is no known workaround at this time.
+All exif users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-gfx/exif-0.6.22"
+
+ Net-SNMP is a suite of applications used to implement the Simple Network Management Protocol.
+Multiple vulnerabilities have been discovered in Net-SNMP. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All Net-SNMP users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-analyzer/net-snmp-5.9.2"
+
+ The X Window System is a graphical windowing system based on a client/server model.
+Multiple vulnerabilities have been discovered in X.Org X server and XWayland. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All X.Org X server users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=x11-base/xorg-server-21.1.4"
+
+
+ All XWayland users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=x11-base/xwayland-22.1.3"
+
+ OpenEXR is a high dynamic-range (HDR) image file format developed by Industrial Light & Magic for use in computer imaging applications.
+Multiple vulnerabilities have been discovered in OpenEXR. Please review the CVE identifiers referenced below for details.
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All OpenEXR users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-libs/openexr-3.1.5"
+
+ hiredis is a minimalistic C client library for the Redis database. + +hiredis-py is a Python extension that wraps hiredis.
+Hiredis is vulnerable to integer overflow if provided maliciously crafted or corrupted `RESP` `mult-bulk` protocol data. When parsing `multi-bulk` (array-like) replies, hiredis fails to check if `count * sizeof(redisReply*)` can be represented in `SIZE_MAX`. If it can not, and the `calloc()` call doesn't itself make this check, it would result in a short allocation and subsequent buffer overflow.
+Malicious Redis commands could result in remote code execution.
+There is no known workaround at this time.
+All hiredis users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-libs/hiredis-1.0.1"
+
+
+ All hiredis-py users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-python/hiredis-2.0.0"
+
+ Libtirpc is a port of Sun's Transport-Independent RPC library to Linux.
+Currently svc_run does not handle poll timeout and rendezvous_request +does not handle EMFILE error returned from accept(2 as it used to. +These two missing functionality were removed by commit b2c9430f46c4. + +The effect of not handling poll timeout allows idle TCP conections +to remain ESTABLISHED indefinitely. When the number of connections +reaches the limit of the open file descriptors (ulimit -n) then +accept(2) fails with EMFILE. Since there is no handling of EMFILE +error this causes svc_run() to get in a tight loop calling accept(2). +This resulting in the RPC service of svc_run is being down, it's +no longer able to service any requests. + +Due to a lack of handling of certain error cases, connections to Libtirpc could remain ESTABLISHED indefinitely.
+Denial of service can be achieved via establishing enough connections to Libtirpc to reach the limit of open file descriptors for the process.
+There is no known workaround at this time.
+All Libtirpc users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-libs/libtirpc-1.3.2"
+
+