Gentoo Developer

Patrick McLean

Security Bug Reports

• <app-text/tesseract-5.0.0: use after free vulnerability (CVE-2021-36081)

  799791 - Assigned to Gentoo Security
• <dev-libs/libbpf-0.7.0: multiple vulnerabilities

  830368 - Assigned to Gentoo Security
• sys-cluster/ceph: volume does not respect configured osd_dmcrypt_key_size

  831047 - Assigned to Gentoo Security
• dev-util/wachy: 'cargo audit' reports one or more bundled CRATES as vulnerable

  864076 - Assigned to Gentoo Security
• <app-arch/pxz-5.0_pre20220509: Race condition in setting permissions on output file

  881377 - Assigned to Gentoo Security
• <net-dns/bind-9.16.37: multiple vulnerabilities

  891329 - Assigned to Gentoo Security
• <net-dns/dnsmasq-2.90: excessive EDNS.0 UDP packet size limit

  905321 - Assigned to Gentoo Security
• sys-cluster/ceph: RGW crash

  905339 - Assigned to Gentoo Security
• <net-dns/bind-9.16.42: Multiple vulnerabilities

  912265 - Assigned to Gentoo Security
• <net-dns/bind-9.16.48: Stack buffer overflow

  914365 - Assigned to Gentoo Security
• <net-vpn/openvpn-2.6.7: Multiple vulnerabilities

  917272 - Assigned to Gentoo Security
• <sys-cluster/ceph-17.2.7: improperly verified POST keys

  918410 - Assigned to Gentoo Security
• net-vpn/openvpn: DoS via crafted reset packet

  918673 - Assigned to Gentoo Security
• <app-misc/jq-1.7.1: multiple vulnerabilities

  920064 - Assigned to Gentoo Security
• <net-dns/bind-9.16.48, <net-dns/bind-tools-9.16.48: multiple vulnerabilities

  924447 - Assigned to Gentoo Security
• <net-dns/dnsmasq-2.90: "KeyTrap" DNS DoS vulnerability

  924448 - Assigned to Gentoo Security
• <net-dns/bind-9.18.29: multiple vulnerabilities

  936568 - Assigned to Gentoo Security
• <net-vpn/openvpn-2.6.12: multiple vulnerabilities

  938533 - Assigned to Gentoo Security
• net-dns/bind: resource exhaustion with DoH or many records in additional section

  949125 - Assigned to Gentoo Security