Security
Security
This page lists all security advisories that were released by the Gentoo security team. For more information, please visit our distribution's security overview.
| ID | Title |
|---|---|
| 202012-24 | Samba: Multiple vulnerabilities |
| 202012-23 | Apache Tomcat: Information disclosure |
| 202012-22 | HAProxy: Arbitrary code execution |
| 202012-21 | Mozilla Network Security Service (NSS): Denial of service |
| 202012-20 | Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities |
| 202012-19 | PowerDNS Recursor: Denial of service |
| 202012-18 | PowerDNS: information disclosure |
| 202012-17 | D-Bus: Denial of service |
| 202012-16 | PHP: Multiple vulnerabilities |
| 202012-15 | GDK-PixBuf: Denial of service |
| 202012-14 | cURL: Multiple vulnerabilities |
| 202012-13 | OpenSSL: Denial of service |
| 202012-12 | libass: User-assisted execution of arbitrary code |
| 202012-11 | c-ares: Denial of service |
| 202012-10 | WebkitGTK+: Multiple vulnerabilities |
| 202012-09 | Cherokee: Multiple vulnerabilities |
| 202012-08 | MariaDB: Multiple vulnerabilities |
| 202012-07 | PostgreSQL: Multiple vulnerabilities |
| 202012-06 | Linux-PAM: Authentication bypass |
| 202012-05 | Chromium, Google Chrome: Multiple vulnerabilities |
| 202012-04 | Mozilla Thunderbird: Multiple vulnerabilities |
| 202012-03 | Mozilla Firefox: Multiple vulnerabilities |
| 202012-02 | SeaMonkey: Multiple vulnerabilities |
| 202012-01 | X.Org X Server: Multiple vulnerabilities |
| 202011-19 | libexif: Multiple vulnerabilities |
| 202011-18 | Apache Ant: Insecure temporary file |
| 202011-17 | MIT Kerberos 5: Denial of service |
| 202011-16 | Chromium, Google Chrome: Multiple vulnerabilities |
| 202011-15 | libmaxminddb: Denial of service |
| 202011-14 | MariaDB: Remote code execution |
| 202011-13 | Salt: Multiple vulnerabilities |
| 202011-12 | Chromium, Google Chrome: Multiple vulnerabilities |
| 202011-11 | Blueman: Local privilege escalation |
| 202011-10 | tmux: Buffer overflow |
| 202011-09 | QEMU: Multiple vulnerabilities |
| 202011-08 | Wireshark: Multiple vulnerabilities |
| 202011-07 | Mozilla Firefox: Remote code execution |
| 202011-06 | Xen: Multiple vulnerabilities |
| 202011-05 | libssh: Denial of service |
| 202011-04 | Fossil: Multiple vulnerabilities |
| 202011-03 | KPMCore: Root privilege escalation |
| 202011-02 | OpenDMARC: Heap-based buffer overflow |
| 202011-01 | BlueZ: Arbitrary code execution |
| 202010-08 | Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities |
| 202010-07 | FreeType: Arbitrary code execution |
| 202010-06 | Ark: Arbitrary code execution |
| 202010-05 | LibRaw: Multiple vulnerabilities |
| 202010-04 | libxml2: Multiple vulnerabilities |
| 202010-03 | libjpeg-turbo: Information disclosure |
| 202010-02 | Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities |
| 202010-01 | Chromium, Google Chrome: Multiple vulnerabilities |
| 202009-18 | Bitcoin: Multiple vulnerabilities |
| 202009-17 | gpsd: Arbitrary code execution |
| 202009-16 | LinuxCIFS: Shell injection |
| 202009-15 | libuv: Buffer overflow |
| 202009-14 | Xen: Buffer overflow |
| 202009-13 | Chromium, Google Chrome: Multiple vulnerabilities |
| 202009-12 | ZeroMQ: Denial of service |
| 202009-11 | ProFTPD: Denial of service |
| 202009-10 | PHP: Denial of service |
| 202009-09 | Nextcloud Desktop Sync client: Multiple vulnerabilities |
| 202009-08 | GNOME Shell: Information disclosure |
| 202009-07 | Perl DBI: Multiple vulnerabilities |
| 202009-06 | GNOME File Roller: Directory traversal |
| 202009-05 | GStreamer RTSP Server: Denial of service |
| 202009-04 | Qt GUI: Buffer overflow |
| 202009-03 | Chromium, Google Chrome: Multiple vulnerabilities |
| 202009-02 | Dovecot: Multiple vulnerabilities |
| 202009-01 | GnuTLS: Denial of service |
| 202008-24 | OpenJDK: Multiple vulnerabilities |
| 202008-23 | chrony: Symlink vulnerability |
| 202008-22 | targetcli-fb: Multiple vulnerabilities |
| 202008-21 | Kleopatra: Remote code execution |
| 202008-20 | GPL Ghostscript: Multiple vulnerabilities |
| 202008-19 | BIND: Multiple vulnerabilities |
| 202008-18 | X.Org X11 library: Multiple vulnerabilities |
| 202008-17 | Redis: Multiple vulnerabilities |
| 202008-16 | Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities |
| 202008-15 | Docker: Information disclosure |
| 202008-14 | Wireshark: Denial of service |
| 202008-13 | PostgreSQL: Multiple vulnerabilities |
| 202008-12 | Net-SNMP: Multiple vulnerabilities |
| 202008-11 | Chromium, Google Chrome: Multiple vulnerabilities |
| 202008-10 | Chromium, Google Chrome: Heap buffer overflow |
| 202008-09 | Shadow: Privilege escalation |
| 202008-08 | Mozilla Network Security Service (NSS): Multiple vulnerabilities |
| 202008-07 | Chromium, Google Chrome: Multiple vulnerabilities |
| 202008-06 | iproute2: Denial of service |
| 202008-05 | gThumb: Arbitrary code execution |
| 202008-04 | Apache: Multiple vulnerabilities |
| 202008-03 | Ark: Arbitrary code execution |
| 202008-02 | GNU GLOBAL: Arbitrary code execution |
| 202008-01 | Python: Multiple vulnerabilities |
| 202007-65 | libsndfile: Multiple vulnerabilities |
| 202007-64 | Mozilla Thunderbird: Multiple vulnerabilities |
| 202007-63 | SNMP Trap Translator: Multiple vulnerabilities |
| 202007-62 | PyCrypto: Weak key generation |
| 202007-61 | WebKitGTK+: Multiple vulnerabilities |
| 202007-60 | Mozilla Firefox: Multiple vulnerabilities |
| 202007-59 | Chromium, Google Chrome: Multiple vulnerabilities |
| 202007-58 | FFmpeg: Multiple vulnerabilities |
| 202007-57 | Mutt, Neomutt: Multiple vulnerabilities |
| 202007-56 | Claws Mail: Improper STARTTLS handling |
| 202007-55 | libetpan: Improper STARTTLS handling |
| 202007-54 | rsync: Multiple vulnerabilities |
| 202007-53 | Dropbear: Multiple vulnerabilities |
| 202007-52 | mujs: Multiple vulnerabilities |
| 202007-51 | FileZilla: Untrusted search path |
| 202007-50 | GLib Networking: Improper certificate validation |
| 202007-49 | Mozilla Network Security Service (NSS): Information disclosure |
| 202007-48 | OCaml: Arbitrary code execution |
| 202007-47 | Okular: Local restricted command execution |
| 202007-46 | D-Bus: Denial of service |
| 202007-45 | NTFS-3G: Remote code execution, possible privilege escalation |
| 202007-44 | FreeXL: Multiple vulnerabilities |
| 202007-43 | TRE: Multiple vulnerabilities |
| 202007-42 | LHa: Buffer overflow |
| 202007-41 | Roundcube: Multiple vulnerabilities |
| 202007-40 | Thin: Privilege escalation |
| 202007-39 | Binutils: Multiple vulnerabilities |
| 202007-38 | QtGui: Arbitrary code execution |
| 202007-37 | AWStats: Multiple vulnerabilities |
| 202007-36 | DjVu: Multiple vulnerabilities |
| 202007-35 | ReportLab: Arbitrary code execution |
| 202007-34 | Apache Ant: Multiple vulnerabilities |
| 202007-33 | OSSEC: Multiple vulnerabilities |
| 202007-32 | Sarg: Local privilege escalation |
| 202007-31 | Icinga: Root privilege escalation |
| 202007-30 | spice: Arbitrary code execution |
| 202007-29 | rssh: Multiple vulnerabilities |
| 202007-28 | re2c: Buffer overflow |
| 202007-27 | Haml: Arbitrary code execution |
| 202007-26 | SQLite: Multiple vulnerabilities |
| 202007-25 | arpwatch: Root privilege escalation |
| 202007-24 | Twisted: Access restriction bypasses |
| 202007-23 | ClamAV: Multiple vulnerabilities |
| 202007-22 | sysstat: Arbitrary code execution |
| 202007-21 | Libreswan: Denial of service |
| 202007-20 | fuseiso: Multiple vulnerabilities |
| 202007-19 | WavPack: Multiple vulnerabilities |
| 202007-18 | QtNetwork: Denial of service |
| 202007-17 | JHead: Multiple vulnerabilities |
| 202007-16 | cURL: Multiple vulnerabilities |
| 202007-15 | Samba: Multiple vulnerabilities |
| 202007-14 | yaml-cpp: Denial of service |
| 202007-13 | Wireshark: Multiple vulnerabilities |
| 202007-12 | NTP: Multiple vulnerabilities |
| 202007-11 | WebKitGTK+: Multiple vulnerabilities |
| 202007-10 | Mozilla Firefox: Multiple vulnerabilities |
| 202007-09 | Mozilla Thunderbird: Multiple vulnerabilities |
| 202007-08 | Chromium, Google Chrome: Multiple vulnerabilities |
| 202007-07 | Transmission: Remote code execution |
| 202007-06 | HylaFAX: Multiple vulnerabilities |
| 202007-05 | libexif: Multiple vulnerabilities |
| 202007-04 | fwupd, libjcat: Multiple vulnerabilities |
| 202007-03 | Cacti: Multiple vulnerabilities |
| 202007-02 | Xen: Multiple vulnerabilities |
| 202007-01 | netqmail: Multiple vulnerabilities |
| 202006-23 | Cyrus IMAP Server: Access restriction bypass |
| 202006-22 | OpenJDK, IcedTea: Multiple vulnerabilities |
| 202006-21 | Apache Tomcat: Remote code execution |
| 202006-20 | Asterisk: Root privilege escalation |
| 202006-19 | Mozilla Thunderbird: Multiple vulnerabilities |
| 202006-18 | Bubblewrap: Arbitrary code execution |
| 202006-17 | FAAD2: Multiple vulnerabilities |
| 202006-16 | PCRE2: Denial of service |
| 202006-15 | OpenConnect: Multiple vulnerabilities |
| 202006-14 | PEAR Archive_Tar: Remote code execution vulnerability |
| 202006-13 | json-c: Multiple vulnerabilities |
| 202006-12 | GNU Mailutils: Privilege escalation |
| 202006-11 | Ansible: Multiple vulnerabilities |
| 202006-10 | GNU Readline: Multiple vulnerabilities |
| 202006-09 | Adobe Flash Player: Arbitrary code execution |
| 202006-08 | WebKitGTK+: Multiple vulnerabilities |
| 202006-07 | Mozilla Firefox: Multiple vulnerabilities |
| 202006-06 | ssvnc: Multiple vulnerabilities |
| 202006-05 | Nokogiri: Command injection |
| 202006-04 | glibc: Multiple vulnerabilities |
| 202006-03 | Perl: Multiple vulnerabilities |
| 202006-02 | Chromium, Google Chrome: Multiple vulnerabilities |
| 202006-01 | GnuTLS: Information disclosure |
| 202005-13 | Chromium, Google Chrome: Multiple vulnerabilities |
| 202005-12 | OpenSLP: Multiple vulnerabilities |
| 202005-11 | VLC: Buffer overflow |
| 202005-10 | libmicrodns: Multiple vulnerabilities |
| 202005-09 | Python: Denial of service |
| 202005-08 | Xen: Multiple vulnerabilities |
| 202005-07 | FreeRDP: Multiple vulnerabilities |
| 202005-06 | LIVE555 Media Server: Multiple vulnerabilities |
| 202005-05 | Squid: Multiple vulnerabilities |
| 202005-04 | Mozilla Firefox: Multiple vulnerabilities |
| 202005-03 | Mozilla Thunderbird: Multiple vulnerabilities |
| 202005-02 | QEMU: Multiple vulnerabilities |
| 202005-01 | Long Range ZIP: Multiple vulnerabilities |
| 202004-17 | Django: Multiple vulnerabilities |
| 202004-16 | Cacti: Multiple vulnerabilities |
| 202004-15 | libu2f-host: Multiple vulnerabilities |
| 202004-14 | FontForge: Multiple vulnerabilities |
| 202004-13 | Git: Information disclosure |
| 202004-12 | Chromium, Google Chrome: Multiple vulnerabilities |
| 202004-11 | Mozilla Firefox: Multiple vulnerabilities |
| 202004-10 | OpenSSL: Multiple vulnerabilities |
| 202004-09 | Chromium, Google Chrome: Multiple vulnerabilities |
| 202004-08 | libssh: Denial of service |
| 202004-07 | Mozilla Firefox: Multiple vulnerabilities |
| 202004-06 | GnuTLS: DTLS protocol regression |
| 202004-05 | ledger: Multiple vulnerabilities |
| 202004-04 | Qt WebEngine: Arbitrary code execution |
| 202004-03 | GPL Ghostscript: Multiple vulnerabilities |
| 202004-02 | VirtualBox: Multiple vulnerabilities |
| 202004-01 | HAProxy: Remote execution of arbitrary code |
| 202003-66 | QEMU: Multiple vulnerabilities |
| 202003-65 | FFmpeg: Multiple vulnerabilities |
| 202003-64 | libxls: Multiple vulnerabilities |
| 202003-63 | GNU IDN Library 2: Multiple vulnerabilities |
| 202003-62 | GNU Screen: Buffer overflow |
| 202003-61 | Adobe Flash Player: Remote execution of arbitrary code |
| 202003-60 | QtCore: Multiple vulnerabilities |
| 202003-59 | libvpx: User-assisted execution of arbitrary code |
| 202003-58 | UnZip: User-assisted execution of arbitrary code |
| 202003-57 | PHP: Multiple vulnerabilities |
| 202003-56 | Xen: Multiple vulnerabilities |
| 202003-55 | Zsh: Privilege escalation |
| 202003-54 | Pure-FTPd: Multiple vulnerabilities |
| 202003-53 | Chromium, Google Chrome: Multiple vulnerabilities |
| 202003-52 | Samba: Multiple vulnerabilities |
| 202003-51 | WeeChat: Multiple vulnerabilities |
| 202003-50 | Tor: Multiple vulnerabilities |
| 202003-49 | BlueZ: Security bypass |
| 202003-48 | Node.js: Multiple vulnerabilities |
| 202003-47 | Exim: Heap-based buffer overflow |
| 202003-46 | ClamAV: Multiple vulnerabilities |
| 202003-45 | PyYAML: Arbitrary code execution |
| 202003-44 | Binary diff: Heap-based buffer overflow |
| 202003-43 | Apache Tomcat: Multiple vulnerabilities |
| 202003-42 | libgit2: Multiple vulnerabilities |
| 202003-41 | GNU FriBidi: Heap-based buffer overflow |
| 202003-40 | Cacti: Multiple vulnerabilities |
| 202003-39 | phpMyAdmin: SQL injection |
| 202003-38 | PECL Imagick: Arbitrary code execution |
| 202003-37 | Mozilla Network Security Service: Multiple vulnerabilities |
| 202003-36 | libvorbis: Multiple vulnerabilities |
| 202003-35 | ProFTPd: Multiple vulnerabilities |
| 202003-34 | Squid: Multiple vulnerabilities |
| 202003-33 | GStreamer Base Plugins: Heap-based buffer overflow |
| 202003-32 | Libgcrypt: Side-channel attack |
| 202003-31 | gdb: Buffer overflow |
| 202003-30 | Git: Multiple vulnerabilities |
| 202003-29 | cURL: Multiple vulnerabilities |
| 202003-28 | libarchive: Multiple vulnerabilities |
| 202003-27 | libssh: Arbitrary command execution |
| 202003-26 | Python: Multiple vulnerabilities |
| 202003-25 | libTIFF: Multiple vulnerabilities |
| 202003-24 | file: Heap-based buffer overflow |
| 202003-23 | libjpeg-turbo: User-assisted execution of arbitrary code |
| 202003-22 | WebkitGTK+: Multiple vulnerabilities |
| 202003-21 | runC: Multiple vulnerabilities |
| 202003-20 | systemd: Heap use-after-free |
| 202003-19 | PPP: Buffer overflow |
| 202003-18 | libvirt: Multiple vulnerabilities |
| 202003-17 | nfdump: Multiple vulnerabilities |
| 202003-16 | SQLite: Multiple vulnerabilities |
| 202003-15 | ICU: Integer overflow |
| 202003-14 | atftp: Multiple vulnerabilities |
| 202003-13 | musl: x87 floating-point stack adjustment imbalance |
| 202003-12 | sudo: Multiple vulnerabilities |
| 202003-11 | SVG Salamander: Server-Side Request Forgery |
| 202003-10 | Mozilla Thunderbird: Multiple vulnerabilities |
| 202003-09 | OpenID library for Ruby: Server-Side Request Forgery |
| 202003-08 | Chromium, Google Chrome: Multiple vulnerabilities |
| 202003-07 | RabbitMQ C client: Arbitrary code execution |
| 202003-06 | Ruby: Multiple vulnerabilities |
| 202003-05 | e2fsprogs: Arbitrary code execution |
| 202003-04 | Vim, gVim: Remote execution of arbitrary code |
| 202003-03 | PostgreSQL: Multiple vulnerabilities |
| 202003-02 | Mozilla Firefox: Multiple vulnerabilities |
| 202003-01 | Groovy: Arbitrary code execution |