Freedesktop Project – Gentoo Packages

x11-misc/xdg-utils: Improper handling of mailto URI (CVE-2020-27748)
756838 - Assigned to Gentoo Security
<media-libs/exempi-2.6.2: Multiple vulnerabilities
878757 - Assigned to Gentoo Security
x11-misc/xdg-utils: xdg-email mailto thunderbird mishandling
882079 - Assigned to Gentoo Security
<media-libs/exempi-2.5.1: multiple vulnerabilities
918620 - Assigned to Gentoo Security
<dev-libs/expat-2.6.0 quadratic runtime denial of service
923951 - Assigned to Gentoo Security
<dev-libs/expat-2.6.2: vulnerable to billion laughs attacks with isolated use of external parsers
926786 - Assigned to Gentoo Security
<dev-libs/expat-2.6.3: multiple vulnerabilities
938894 - Assigned to Gentoo Security
<dev-libs/expat-2.6.4 - NULL pointer dereference through function XML_ResumeParser
942969 - Assigned to Gentoo Security
<dev-libs/expat-2.7.0 can be crashed through long linear chains of entities
951316 - Assigned to Gentoo Security
<media-libs/exempi-2.6.6: Multiple vulnerabilities
956991 - Assigned to Gentoo Security
<dev-libs/expat-2.7.3: denial of service (large use of heap from small parse input)
962963 - Assigned to Gentoo Security
<dev-libs/expat-2.7.4: Multiple vulnerabilities
969477 - Assigned to Gentoo Security

Please file new vulnerability reports on Gentoo Bugzilla and assign them to the Gentoo Security product and Vulnerabilities component.

Gentoo ProjectFreedesktop Project