Simple DirectMedia Layer is a cross-platform development library + designed to provide low level access to audio, keyboard, mouse, joystick, + and graphics hardware via OpenGL and Direct3D. +
+Multiple vulnerabilities have been discovered in Simple DirectMedia + Layer. Please review the CVE identifiers referenced below for details. +
+A remote attacker could entice a user to process a specially crafted + audio or video, possibly resulting in execution of arbitrary code with + the privileges of the process or a Denial of Service condition. +
+There is no known workaround at this time.
+All Simple DirectMedia Layer users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-libs/libsdl2-2.0.10"
+
+
+ D-Bus is a message bus system which processes can use to talk to each + other. +
+It was discovered that a local attacker could manipulate symbolic links + in their own home directory to bypass authentication and connect to a + DBusServer with elevated privileges. +
+A local attacker can bypass authentication mechanisms and elevate + privileges. +
+There is no known workaround at this time.
+All D-Bus users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=sys-apps/dbus-1.12.16"
+
+