xkbcommon is a library to handle keyboard descriptions, including loading them from disk, parsing them and handling their state.

Multiple vulnerabilities have been discovered in libxkbcommon. Please review the CVE identifiers referenced below for details.

A local attacker could supply a specially crafted keymap file possibly resulting in a Denial of Service condition.

There is no known workaround at this time.

All libxkbcommon users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=x11-libs/libxkbcommon-0.8.2"

Xen is a bare-metal hypervisor.

Multiple vulnerabilities have been discovered in Xen. Please review the referenced CVE identifiers for details.

A local attacker could cause a Denial of Service condition or disclose sensitive information.

There is no known workaround at this time.

All Xen users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.10.1-r2"

All Xen tools users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-emulation/xen-tools-4.10.1-r2"

Mutt is a small but very powerful text-based mail client.

NeoMutt is a command line mail reader (or MUA). It’s a fork of Mutt with added features.

Multiple vulnerabilities have been discovered in Mutt and NeoMutt. Please review the CVE identifiers referenced below for details.

A remote attacker could entice a user to open a specially crafted mail message or connect to a malicious mail server using Mutt or NeoMutt, possibly resulting in execution of arbitrary code or directory traversal with the privileges of the process or a Denial of Service condition.

There is no known workaround at this time.

All Mutt users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=net-client/mutt-1.10-1"

All NeoMutt users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=mail-client/neomutt-20180716"

PostgreSQL is an open source object-relational database management system.

Multiple vulnerabilities have been discovered in PostgreSQL. Please review the referenced CVE identifiers for details.

In addition, it was discovered that Gentoo’s PostgreSQL installation suffered from a privilege escalation vulnerability due to a runscript which called OpenRC’s checkpath() on a user-controlled path and allowed the user running PostgreSQL to kill arbitrary processes via PID file manipulation.

A remote attacker could bypass certain client-side connection security features, read arbitrary server memory or alter certain data.

In addition, a local attacker could gain privileges or cause a Denial of Service condition by killing arbitrary processes.

There is no known workaround at this time.

All PostgreSQL users up to 9.3 should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.3.24:9.3"

All PostgreSQL 9.4 users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.4.19:9.4"

All PostgreSQL 9.5 users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.5.14:9.5"

All PostgreSQL 9.6 users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.6.10:9.6"

All PostgreSQL 10 users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-db/postgresql-10.5:10"

The X Window System is a graphical windowing system based on a client/server model.

An incorrect permission check for the -modulepath and -logfile options when starting the Xorg X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges.

A local attacker can escalate privileges to root by passing crafted parameters to the X.org X server.

There is no known workaround at this time.

All X.Org X Server users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=x11-base/xorg-server-1.20.3"

A system and service manager.

Multiple vulnerabilities have been discovered in systemd. Please review the CVE identifiers referenced below for details.

An attacker could possibly execute arbitrary code, cause a Denial of Service condition, or gain escalated privileges.

There is no known workaround at this time.

All systemd users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=sys-apps/systemd-239-r2"