Packages
Get Gentoo!
gentoo.org sites
gentoo.org
Wiki
Bugs
Forums
Packages
Planet
Archives
Sources
Infra Status
Home
Packages
Maintainers
USE flags
Architectures
About
Gentoo Project
GNOME Desktop
Packages
358
Stabilization
8
Outdated
102
Pull requests
22
Bugs
588
Security
18
Changelog
Security Bug Reports
dev-libs/libcroco: multiple vulnerabilities (CVE-2017-{8834,8871})
621258 - Assigned to Gentoo Security
mail-client/evolution: gpg key trust extrapolation to new UIDs
676366 - Assigned to Gentoo Security
<gnome-base/gdm-40.0: authentication bypass (CVE-2020-27837)
762460 - Assigned to Gentoo Security
<app-arch/file-roller-3.38.1: arbitrary file overwrite via malicious archive
780858 - Assigned to Gentoo Security
net-libs/libgrss: Does not perform TLS certificate validation (CVE-2016-20011)
792264 - Assigned to Gentoo Security
<media-libs/grilo-0.3.14: improper TLS verification (CVE-2021-39365)
809713 - Assigned to Gentoo Security
gnome-extra/libgda: improper TLS verification (CVE-2021-39359)
809719 - Assigned to Gentoo Security
<x11-libs/gdk-pixbuf-2.42.9: heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files (CVE-2021-44648)
831077 - Assigned to Gentoo Security
<gnome-base/nautilus-44.0: NULL pointer dereference via pasting crafted zip file
881509 - Assigned to Gentoo Security
<dev-libs/libgit2-1.5.1[ssh]: fails to verify SSH keys by default
891525 - Assigned to Gentoo Security
<app-misc/tracker-miners-3.5.3: Sandbox weakness
916378 - Assigned to Gentoo Security
<gnome-base/librsvg-2.56.3: arbitrary file read via crafted xinclude href
918100 - Assigned to Gentoo Security
<gnome-base/gnome-shell-45.0: lock screen bypass via screenshot tool
918713 - Assigned to Gentoo Security
<net-libs/webkit-gtk-2.42.5: multiple vulnerabilities
923851 - Assigned to Gentoo Security
<dev-libs/libgit2-1.7.2: multiple vulnerabilities
923971 - Assigned to Gentoo Security
<net-libs/webkit-gtk-2.44.0: multiple vulnerabilities
930116 - Assigned to Gentoo Security
dev-libs/glib: Signal subscription vulnerabilities
931507 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on
Gentoo Bugzilla
and assign them to the Gentoo Security product and Vulnerabilities component.