Salt is a fast, intelligent and scalable automation engine.
+Multiple vulnerabilities have been discovered in Salt. Please review the + CVE identifiers referenced below for details. +
+A remote attacker could possibly execute arbitrary commands via + salt-api, cause a Denial of Service condition, bypass access restrictions + or disclose sensitive information. +
+There is no known workaround at this time.
+All Salt users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-admin/salt-3000.8"
+
+
+ Redis is an open source (BSD licensed), in-memory data structure store, + used as a database, cache and message broker. +
+It was discovered that there were a number of integer overflow issues in + Redis. +
+A remote attacker, able to connect to a Redis instance, could send a + malicious crafted large request possibly resulting in the execution of + arbitrary code with the privileges of the process or a Denial of Service + condition. +
+There is no known workaround at this time.
+All Redis 5.x users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-db/redis-5.0.12"
+
+
+ All Redis 6.x users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-db/redis-6.0.12"
+
+
+ OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer + (SSL v2/v3) and Transport Layer Security (TLS v1/v1.1/v1.2/v1.3) as well + as a general purpose cryptography library. +
+Multiple vulnerabilities have been discovered in OpenSSL. Please review + the CVE identifiers referenced below for details. +
+Please review the referenced CVE identifiers for details.
+There is no known workaround at this time.
+All OpenSSL users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.1.1k"
+
+
+ SQLite is a C library that implements an SQL database engine.
+It was discovered that SQLite incorrectly handled certain sub-queries.
+A remote attacker could possibly execute arbitrary code with the + privileges of the process, or cause a Denial of Service condition. +
+There is no known workaround at this time.
+All SQLite users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-db/sqlite-3.34.1"
+
+
+