GNOME Desktop – Gentoo Packages

Security Bug Reports

dev-libs/libcroco: multiple vulnerabilities (CVE-2017-{8834,8871})
621258 - Assigned to Gentoo Security
mail-client/evolution: gpg key trust extrapolation to new UIDs
676366 - Assigned to Gentoo Security
<gnome-base/gdm-40.0: authentication bypass (CVE-2020-27837)
762460 - Assigned to Gentoo Security
<app-arch/file-roller-3.38.1: arbitrary file overwrite via malicious archive
780858 - Assigned to Gentoo Security
net-libs/libgrss: Does not perform TLS certificate validation (CVE-2016-20011)
792264 - Assigned to Gentoo Security
<media-libs/grilo-0.3.14: improper TLS verification (CVE-2021-39365)
809713 - Assigned to Gentoo Security
gnome-extra/libgda: improper TLS verification (CVE-2021-39359)
809719 - Assigned to Gentoo Security
<x11-libs/gdk-pixbuf-2.42.9: heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files (CVE-2021-44648)
831077 - Assigned to Gentoo Security
<gnome-base/gnome-shell-45.0: lock screen bypass via screenshot tool
918713 - Assigned to Gentoo Security
<net-libs/webkit-gtk-2.46.5{,-r410,-r600}: multiple vulnerabilities
941276 - Assigned to Gentoo Security
<x11-libs/gtk+-3.24.48: Search path vulnerability
949825 - Assigned to Gentoo Security
<net-libs/webkit-gtk-2.48.3: multiple vulnerabilities
951739 - Assigned to Gentoo Security
<gnome-extra/yelp-42.3 - Dangerous Arbitrary File Read Vulnerability
953900 - Assigned to Gentoo Security
net-libs/libsoup: multiple vulnerabilities
954007 - Assigned to Gentoo Security
<dev-libs/glib-2.82.1: Buffer overflow in set_connect_msg()
958180 - Assigned to Gentoo Security
<app-text/libgepub-0.7.3: Integer overflow
958233 - Assigned to Gentoo Security
<dev-libs/glib-2.82.5: Integer overflow in g_date_time_new_from_iso8601
958287 - Assigned to Gentoo Security
<dev-libs/glib-2.84.2: Buffer underflow via function g_string_insert_unichar
958289 - Assigned to Gentoo Security
net-libs/webkit-gtk: Vulnerability in send-request signal handler
960015 - Assigned to Gentoo Security
<dev-libs/glib-2.84.4: Buffer Under-read on GLib through glib/gfileutils.c via get_tmp_file()
961874 - Assigned to Gentoo Security
<net-libs/webkit-gtk-2.50.1: multiple vulnerabilities
963338 - Assigned to Gentoo Security
<net-libs/webkit-gtk-2.50.4: multiple vulnerabilities
966445 - Assigned to Gentoo Security
<dev-libs/glib-2.84.4-r1: Multiple vulnerabilities
967237 - Assigned to Gentoo Security
<dev-libs/libgit2-1.9.2: Multiple vulnerabilities
967363 - Assigned to Gentoo Security
net-misc/networkmanager: non-admin-user could use credentials of other local users
967603 - Assigned to Gentoo Security

Contact Information

Please file new vulnerability reports on Gentoo Bugzilla and assign them to the Gentoo Security product and Vulnerabilities component.

Gentoo ProjectGNOME Desktop

Security Bug Reports

Contact Information

Gentoo Project
GNOME Desktop