A library for manipulating FlashPIX images.
+A double free vulnerability has been discovered in the Free_All_Memory + function in jpeg/dectile.c. +
+A remote attacker could entice a user to open a specially crafted FPX + image using an application linked against libfpx, possibly resulting in a + Denial of Service condition. +
+There is no known workaround at this time.
+All libfpx users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=media-libs/libfpx-1.3.1_p6"
+
+
+ Packages which depend on this library may need to be recompiled. Tools + such as revdep-rebuild may assist in identifying these packages. +
+File transfer program to keep remote files into sync.
+Multiple vulnerabilities have been discovered in rsync. Please review + the CVE identifiers referenced below for details. +
+Remote attackers could write arbitrary files via symlink attacks.
+There is no known workaround at this time.
+All rsync users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=net-misc/rsync-3.1.2"
+
+ Linux-PAM (Pluggable Authentication Modules) is an architecture allowing + the separation of the development of privilege granting software from the + development of secure and appropriate authentication schemes. +
+Multiple vulnerabilities have been discovered in Linux-PAM. Please + review the CVE identifiers referenced below for details. +
+Remote attackers could cause Denial of Service, conduct brute force + attacks, and conduct username enumeration. +
+There is no known workaround at this time.
+All Linux-PAM users should upgrade to the latest version:
+ +
+ # emerge --sync
+ # emerge --ask --oneshot --verbose ">=sys-libs/pam-1.2.1"
+
+
+