RubyGems is a sophisticated package manager for Ruby.

Multiple vulnerabilities have been discovered in RubyGems. Please review the referenced CVE identifiers for details.

A remote attacker, by enticing a user to install a specially crafted gem, could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition.

There is no known workaround at this time.

All RubyGems users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-ruby/rubygems-2.6.13"

file is a utility that guesses a file format by scanning binary data for patterns.

An issue discovered in file allows attackers to write 20 bytes to the stack buffer via a specially crafted .notes section.

A remote attacker, by using a specially crafted .notes section in an ELF binary, could execute arbitrary code or cause a Denial of Service condition.

There is no known workaround at this time.

All file users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=sys-apps/file-5.32"

ICU is a mature, widely used set of C/C++ and Java libraries providing Unicode and Globalization support for software applications.

Multiple vulnerabilities have been discovered in ICU. Please review the referenced CVE identifiers for details.

A remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition.

There is no known workaround at this time.

All ICU users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-libs/icu-58.2-r1"

Packages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying some of these packages.

sudo (su “do”) allows a system administrator to delegate authority to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while providing an audit trail of the commands and their arguments.

The fix present in app-admin/sudo-1.8.20_p1 (GLSA 201705-15) was incomplete as it did not address the problem of a command with a newline in the name.

A local attacker could execute arbitrary code with root privileges.

There is no known workaround at this time.

All sudo users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-admin/sudo-1.8.20_p2"

Munin is an open source server monitoring tool.

When Munin is compiled with CGI graphics enabled, files accessible to the www-data user can be overwritten.

A local attacker, by setting multiple upper_limit GET parameters, could overwrite files accessible to the www-data user.

There is no known workaround at this time.

All Munin users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=net-analyzer/munin-2.0.33"

PostgreSQL is an open source object-relational database management system.

Multiple vulnerabilities have been discovered in PostgreSQL. Please review the referenced CVE identifiers for details.

A remote attacker could escalate privileges, cause a Denial of Service condition, obtain passwords, cause a loss in information, or obtain sensitive information.

There is no known workaround at this time.

All PostgreSQL 9.6.x users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.6.4"

All PostgreSQL 9.5.x users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.5.8"

All PostgreSQL 9.4.x users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.4.13"

All PostgreSQL 9.3.x users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.3.18"

All PostgreSQL 9.2.x users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.2.22"

OCaml is a high-level, strongly-typed, functional, and object-oriented programming language from the ML family of languages.

Insufficient sanitization of the environment variables CAML_CPLUGINS, CAML_NATIVE_CPLUGINS and CAML_BYTE_CPLUGINS in the OCaml compiler allows external code to be executed with raised privileges.

A local attacker, by using specially crafted environment variables, could possibly escalate privileges to the root group.

There is no known workaround at this time.

All OCaml users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-lang/ocaml-4.04.2"

Pacemaker is an Open Source, High Availability resource manager suitable for both small and large clusters.

Multiple vulnerabilities have been discovered in Pacemaker. Please review the referenced CVE identifiers for details.

A remote attacker could execute arbitrary code or a local attacker could escalate privileges.

There is no known workaround at this time.

All Pacemaker users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=sys-cluster/pacemaker-1.1.16"

PCRE2 is a project based on PCRE (Perl Compatible Regular Expressions) which has a new and revised API.

Multiple vulnerabilities have been discovered in PCRE2. Please review the referenced CVE identifiers for details.

A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or have other unspecified impacts.

There is no known workaround at this time.

All PCRE2 users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-libs/libpcre2-10.30"

Packages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying some of these packages.
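Each advisory above ends with a ">=" package atom; the following added example (not part of the advisories or of Gentoo's tooling) checks an inventory of installed packages against those atoms to list what still falls short. It implements only a subset of Gentoo's version ordering (dotted numbers, `_p` patch level, `-r` revision), assumes one installed version per package (so slotted packages such as PostgreSQL need per-slot handling), and uses a constructed inventory rather than a real host.

```python
import re

# Version ordering: a simplified subset of Gentoo's PMS rules (dotted numeric
# components, optional _p<N> patch level, optional -r<N> revision). Suffixes
# such as _rc/_alpha/_beta are rejected rather than mis-ordered.
VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)(?:_p(\d+))?(?:-r(\d+))?$")
# '>=app-admin/sudo-1.8.20_p2' -> operator, category/name, version
ATOM_RE = re.compile(r"^(>=|<=|>|<|=)?([^/\s]+/.+?)-(\d\S*)$")


def parse_version(ver):
    """Return a comparable key: (numeric components, patch level, revision)."""
    m = VERSION_RE.match(ver)
    if not m:
        raise ValueError(f"unsupported version string: {ver!r}")
    numbers = tuple(int(x) for x in m.group(1).split("."))
    return numbers, int(m.group(2) or 0), int(m.group(3) or 0)


def parse_atom(atom):
    m = ATOM_RE.match(atom.strip())  # strip() tolerates a trailing space
    if not m:
        raise ValueError(f"unsupported atom: {atom!r}")
    return (m.group(1) or "="), m.group(2), m.group(3)


def version_satisfies(installed, op, required):
    a, b = parse_version(installed), parse_version(required)
    # Tuple comparison matches PMS here: (9, 6) sorts before (9, 6, 0).
    return {">=": a >= b, ">": a > b, "<=": a <= b, "<": a < b, "=": a == b}[op]


def audit(installed, advisory_atoms):
    """Installed packages that still fall short of an advisory atom."""
    unpatched = []
    for atom in advisory_atoms:
        op, pkg, required = parse_atom(atom)
        have = installed.get(pkg)
        if have is not None and not version_satisfies(have, op, required):
            unpatched.append((pkg, have, required))
    return unpatched


# Constructed inventory, not taken from a real host.
INSTALLED = {"app-admin/sudo": "1.8.20_p1", "dev-libs/icu": "58.2",
             "dev-libs/libpcre2": "10.30", "dev-ruby/rubygems": "2.6.13"}
ADVISORIES = [">=app-admin/sudo-1.8.20_p2", ">=dev-libs/icu-58.2-r1",
              ">=dev-libs/libpcre2-10.30", ">=dev-ruby/rubygems-2.6.13",
              ">=sys-cluster/pacemaker-1.1.16 "]
```

With this inventory, `audit(INSTALLED, ADVISORIES)` reports sudo (1.8.20_p1 is below _p2) and ICU (58.2 is below the -r1 revision), while pacemaker is skipped because it is not installed.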