Gentoo Developer
Sebastian Pipping
Packages: 60, Outdated: 3, Pull requests: 4, Bugs: 22, Security: 17
Security Bug Reports
<dev-libs/uriparser-0.9.6: multiple vulnerabilities
830665 - Assigned to Gentoo Security
<media-gfx/optipng-0.7.8: out-of-bounds read
915342 - Assigned to Gentoo Security
<dev-libs/expat-2.6.0 quadratic runtime denial of service
923951 - Assigned to Gentoo Security
<dev-libs/expat-2.6.2: vulnerable to billion laughs attacks with isolated use of external parsers
926786 - Assigned to Gentoo Security
<dev-libs/uriparser-0.9.8: multiple vulnerabilities
931259 - Assigned to Sebastian Pipping
<dev-libs/expat-2.6.3: multiple vulnerabilities
938894 - Assigned to Gentoo Security
<dev-libs/expat-2.6.4 - NULL pointer dereference through function XML_ResumeParser
942969 - Assigned to Gentoo Security
<dev-libs/expat-2.7.0 can be crashed through long linear chains of entities
951316 - Assigned to Gentoo Security
<dev-libs/expat-2.7.3: denial of service (large use of heap from small parse input)
962963 - Assigned to Gentoo Security
<app-containers/docker-compose-2.40.3: Path Traversal via OCI Artifact Layer Annotations
965332 - Assigned to Gentoo Security
<dev-libs/uriparser-1.0.0 stack overflow from unbound recursion
967524 - Assigned to Gentoo Security
<dev-libs/expat-2.7.4: Multiple vulnerabilities
969477 - Assigned to Gentoo Security
<dev-libs/expat-2.7.5: Multiple vulnerabilities
971298 - Assigned to Gentoo Security
<dev-libs/expat-2.8.0: Insufficient entropy
973144 - Assigned to Gentoo Security
<dev-libs/uriparser-1.0.1 integer overflow in text range comparison
973289 - Assigned to Gentoo Security
<dev-libs/uriparser-1.0.2 multiple vulnerabilities
974458 - Assigned to Gentoo Security
<dev-libs/expat-2.8.1 denial of service through quadratic runtime
974504 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on Gentoo Bugzilla and assign them to the Gentoo Security product and Vulnerabilities component.