Set of tools to manage Bluetooth devices for Linux.
+It was discovered that the HID and HOGP profiles implementations in + BlueZ did not specifically require bonding between the device and the + host. +
+A remote attacker with adjacent access could impersonate an existing HID + device, cause a Denial of Service condition or escalate privileges. +
+There is no known workaround at this time.
+All BlueZ users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-wireless/bluez-5.54"
+
+
+ Tor is an implementation of second generation Onion Routing, a + connection-oriented anonymizing communication service. +
+Multiple vulnerabilities have been discovered in Tor, and tor. Please + review the CVE identifiers referenced below for details. +
+A remote attacker could possibly cause a Denial of Service condition.
+There is no known workaround at this time.
+All Tor 0.4.1.x users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-vpn/tor-0.4.1.9"
+
+
+ All Tor 0.4.2.x users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-vpn/tor-0.4.2.7"
+
+
+ Wee Enhanced Environment for Chat (WeeChat) is a light and extensible + console IRC client. +
+Multiple vulnerabilities have been discovered in WeeChat. Please review + the CVE identifiers referenced below for details. +
+A remote attacker, by sending a specially crafted IRC message, could + possibly cause a Denial of Service condition. +
+There is no known workaround at this time.
+All WeeChat users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-irc/weechat-2.7.1"
+
+
+ Samba is a suite of SMB and CIFS client/server programs.
+Multiple vulnerabilities have been discovered in Samba. Please review + the CVE identifiers referenced below for details. +
+A remote attacker could possibly execute arbitrary code, cause a Denial + of Service condition, conduct a man-in-the-middle attack, or obtain + sensitive information. +
+There is no known workaround at this time.
+All Samba 4.9.x users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-fs/samba-4.9.18"
+
+
+ All Samba 4.10.x users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-fs/samba-4.10.13"
+
+
+ All Samba 4.11.x users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-fs/samba-4.11.6"
+
+
+ Chromium is an open-source browser project that aims to build a safer, + faster, and more stable way for all users to experience the web. +
+ +Google Chrome is one fast, simple, and secure browser for all your + devices. +
+Multiple vulnerabilities have been discovered in Chromium and Google + Chrome. Please review the referenced CVE identifiers for details. +
+A remote attacker could entice a user to open a specially crafted HTML + or multimedia file using Chromium or Google Chrome, possibly resulting in + execution of arbitrary code with the privileges of the process or a + Denial of Service condition. +
+There is no known workaround at this time.
+All Chromium users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose
+ ">=www-client/chromium-80.0.3987.149"
+
+
+ All Google Chrome users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose
+ ">=www-client/google-chrome-80.0.3987.149"
+
+
+ Pure-FTPd is a fast, production-quality and standards-compliant FTP + server. +
+Multiple vulnerabilities have been discovered in Pure-FTPd. Please + review the CVE identifiers referenced below for details. +
+A remote attacker could possibly cause a Denial of Service condition or + cause an information disclosure. +
+There is no known workaround at this time.
+All Pure-FTPd users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-ftp/pure-ftpd-1.0.49-r2"
+
+
+ A shell designed for interactive use, although it is also a powerful + scripting language. +
+It was discovered that Zsh was insecure dropping privileges when + unsetting PRIVILEGED option. +
+An attacker could escalate privileges.
+There is no known workaround at this time.
+All Zsh users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=app-shells/zsh-5.8"
+
+
+