Apache CouchDB is a distributed, fault-tolerant and schema-free + document-oriented database. +
+Multiple vulnerabilities have been discovered in CouchDB. Please review + the CVE identifiers referenced below for details. +
+A remote attacker could execute arbitrary code or escalate privileges.
+There is no known workaround at this time.
+Gentoo has discontinued support for CouchDB and recommends that users + unmerge the package: +
+ +
+ # emerge --unmerge "dev-db/couchdb"
+
+ SpamAssassin is an extensible email filter used to identify junk email.
+Multiple vulnerabilities have been discovered in SpamAssassin. Please + review the referenced CVE identifiers for details. +
+A remote attacker could execute arbitrary code, escalate privileges, or + cause a Denial of Service condition. +
+There is no known workaround at this time.
+All SpamAssassin users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose
+ ">=mail-filter/spamassassin-3.4.2-r2"
+
+ Scala combines object-oriented and functional programming in one + concise, high-level language. +
+It was discovered that Scala’s compilation daemon does not properly + manage permissions for private files. +
+A local attacker could escalate privileges.
+There is no known workaround at this time.
+All Scala users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=dev-lang/scala-2.12.4"
+
+