Gentoo Developer
Sam James
Packages: 252
Stabilization: 6
Outdated: 26
Pull requests: 20
Bugs: 282
Security: 32
Security Bug Reports
dev-libs/crypto++: vulnerable to private key recovery (CVE-2019-14318)
702930 - Assigned to Gentoo Security
dev-libs/libtomcrypt: Out of bounds read (CVE-2019-17362)
761412 - Assigned to Gentoo Security
sys-fs/zfs: ipv6 access control confusion (CVE-2013-20001)
770337 - Assigned to Gentoo Security
net-analyzer/fail2ban: code execution via malicious whois responses (CVE-2021-32749)
802513 - Assigned to Gentoo Security
<dev-libs/botan-2.18.2: ElGamal plaintext recovery (CVE-2021-40529)
811906 - Assigned to Gentoo Security
<dev-libs/crypto++-8.6.0: ElGamal plaintext recovery (CVE-2021-40530)
811915 - Assigned to Gentoo Security
dev-db/redis: integer overflow via bundled hiredis
821346 - Assigned to Gentoo Security
<dev-lang/duktape-2.7.0: segmentation fault in duk_push_tval
831659 - Assigned to Gentoo Security
app-crypt/sequoia-sq: 'cargo audit' reports one or more bundled CRATES as vulnerable
864004 - Assigned to Gentoo Security
app-crypt/sequoia-sqv: 'cargo audit' reports one or more bundled CRATES as vulnerable
864007 - Assigned to Gentoo Security
dev-util/git-delta: 'cargo audit' reports one or more bundled CRATES as vulnerable
864064 - Assigned to Gentoo Security
<dev-libs/botan-2.19.3: OCSP response falsification
881529 - Assigned to Gentoo Security
<media-gfx/graphicsmagick-1.3.39: multiple vulnerabilities
888545 - Assigned to Gentoo Security
<media-gfx/graphicsmagick-1.3.40: Multiple vulnerabilities
890851 - Assigned to Gentoo Security
<net-irc/ergo-2.11.1: Websocket denial of service issue
891803 - Assigned to Gentoo Security
<app-forensics/aflplusplus-4.06c: code execution via untrusted CWD
897924 - Assigned to Gentoo Security
<dev-db/redis-7.0.10: Specially crafted MSETNX command can lead to assertion and denial-of-service
902501 - Assigned to Gentoo Security
dev-python/redis: multiple vulnerabilities
903137 - Assigned to Gentoo Security
<net-analyzer/tcpdump-4.99.4: OOB write in SMB decoder
904041 - Assigned to Gentoo Security
<net-misc/iperf-3.14: Denial of service vulnerability
910083 - Assigned to Gentoo Security
<dev-db/redis-{6.2.13, 7.0.12}: Multiple vulnerabilities
910191 - Assigned to Gentoo Security
<dev-db/redis-{7.0.13, 7.2.1}: Redis SORT_RO may bypass ACL configuration
913741 - Assigned to Gentoo Security
<dev-libs/libtommath-1.2.1: Integer overflow
913880 - Assigned to Gentoo Security
<dev-db/redis-{6.2.14,7.0.14,7.2.2}: Redis Unix-domain socket may be exposed with the wrong permissions for a short time window
915989 - Assigned to Gentoo Security
<net-vpn/tor-0.4.8.9: Denial of service for onion services
917142 - Assigned to Gentoo Security
net-irc/unrealircd: denial-of-service by sending an oversized packet
920264 - Assigned to Gentoo Security
dev-libs/crypto++: multiple vulnerabilities
920284 - Assigned to Gentoo Security
<dev-db/redis-{7.0.15,7.2.4}: Buffer resizing issue leading to heap overflow and potential RCE
921662 - Assigned to Gentoo Security
sys-libs/pam: local denial of service vulnerability in `pam_namespace.so`
922397 - Assigned to Gentoo Security
<dev-util/diffoscope-257: Information disclosure vulnerability when diffing GPG artifacts
924883 - Assigned to Gentoo Security
<dev-libs/botan-{2.19.4, 3.3.0}: Denial of service via ECC parameters
925147 - Assigned to Gentoo Security
<sys-fs/zfs-2.2.3: Bundled old Lua is vulnerable to CVE-2020-24370
925290 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on Gentoo Bugzilla and assign them to the Gentoo Security product and Vulnerabilities component.