Matthew Thode – Gentoo Packages

<gui-apps/swaylock-1.6: lock screen bypasses
834716 - Assigned to Gentoo Security
<dev-python/oslo-utils-4.12.1: plaintext logging of certain passwords
867328 - Assigned to Gentoo Security
<net-misc/openvswitch-2.17.8: DoS via crafted packet
869365 - Assigned to Gentoo Security
<app-admin/ansible-8.3.0: ec2_instance tower_callback credential leakage into logs
878761 - Assigned to Gentoo Security
<app-emulation/cloud-init-23.4: secrets written to logs
905206 - Assigned to Gentoo Security
app-arch/p7zip: multiple vulnerabilities
914736 - Assigned to Gentoo Security
<net-misc/memcached-1.6.22: multiple vulnerabilities
916510 - Assigned to Gentoo Security
<net-misc/openvswitch-2.17.9-r1: multiple vulnerabilities
924129 - Assigned to Gentoo Security
app-arch/p7zip: vulnerability in zstandard implementation?
944462 - Assigned to Gentoo Security
app-arch/p7zip: Add upstream patch for lz4 integer overflow (CVE-2021-3520)
946399 - Assigned to Gentoo Security
<www-apps/icingaweb2-2.12.3: multiple XSS vulnerabilities (CVE-2025-{27404,27405,27609,30164})
953033 - Assigned to Gentoo Security

Please file new vulnerability reports on Gentoo Bugzilla and assign them to the Gentoo Security product and Vulnerabilities component.

Gentoo DeveloperMatthew Thode