Gentoo Linux security advisories This feed contains new Gentoo Linux security advisories. Contact security@gentoo.org with questions.
- GLSA 202511-06: libpng: Multiple vulnerabilities
on November 26, 2025 at 12:00 amMultiple vulnerabilities have been discovered in libpng, the worst of which could lead to execution of arbitrary code.
- GLSA 202511-07: librnp: Weak random number generationon November 26, 2025 at 12:00 am
librnp uses weak random number generation such that generated keys can be easily cracked.
- GLSA 202511-01: UDisks: Multiple Vulnerabilitieson November 24, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in UDisks, the worst of which can lead to execution of arbitrary code.
- GLSA 202511-02: WebKitGTK+: Multiple Vulnerabilitieson November 24, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in WebKitGTK+, the worst of which can lead to execution of arbitary code.
- GLSA 202511-03: qtsvg: Multiple Vulnerabilitieson November 24, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in qtsvg, the worst of which could lead to execution of arbitrary code.
- GLSA 202511-04: Chromium, Google Chrome, Microsoft Edge. Opera: Multiple Vulnerabilitieson November 24, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.
- GLSA 202511-05: redict, redis: Multiple Vulnerabilitieson November 24, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in redis and redict, the worst of which could lead to execution of arbitrary code.
- GLSA 202509-02: Spidermonkey: Multiple Vulnerabilitieson September 17, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Spidermonkey, the worst of which could lead to execution of arbitrary code.
- GLSA 202509-03: Django: Multiple Vulnerabilitieson September 17, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Django, the worst of which could lead to a denial of service.
- GLSA 202509-04: glibc: Multiple Vulnerabilitieson September 17, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in glibc, the worst of which could lead to execution of arbitrary code.
- GLSA 202509-05: Plex Media Server: Incorrect resource transferon September 17, 2025 at 12:00 am
A vulnerability has been discovered in Plex Media Server.
- GLSA 202509-06: ProFTPd: SSH Terrapin vulnerabilityon September 17, 2025 at 12:00 am
A vulnerability has been discovered in ProFTPd, which can lead to loss of confidentiality.
- GLSA 202509-07: libvpx: Use after freeon September 17, 2025 at 12:00 am
A vulnerability has been discovered in libvpx, which could lead to execution of arbitrary code.
- GLSA 202509-08: GnuTLS: Multiple Vulnerabilitieson September 17, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to arbitrary code execution.
- GLSA 202509-01: Poppler: Multiple Vulnerabilitieson September 17, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Poppler, the worst of which could lead to execution of arbitrary code.
- GLSA 202508-01: PAM: Multiple Vulnerabilitieson August 6, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in PAM, the worst of which could lead to privilege escalation.
- GLSA 202508-02: GPL Ghostscript: Multiple Vulnerabilitieson August 6, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in GPL Ghostscript, the worst of which can lead to execution of arbitrary code.
- GLSA 202508-03: FontForge: Arbitrary Code Executionon August 6, 2025 at 12:00 am
A vulnerability has been discovered in FontForge, which can lead to arbitrary code execution.
- GLSA 202508-04: Mozilla Network Security Service (NSS): TLS RSA decryption timing attackon August 6, 2025 at 12:00 am
A vulnerability has been discovered in NSS, which can lead to the recovery of private data.
- GLSA 202508-05: Spreadsheet-ParseExcel: Arbitrary Code Executionon August 6, 2025 at 12:00 am
A vulnerability has been discovered in Spreadsheet-ParseExcel, which can lead to arbitrary code execution.
- GLSA 202508-06: Composer: Multiple Vulnerabilitieson August 6, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Composer, the worst of which can lead to arbitrary code execution.
- GLSA 202507-10: Roundcube: Multiple Vulnerabilitieson July 22, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Roundcube, the worst of which could lead to execution of arbitrary code.
- GLSA 202507-04: strongSwan: Buffer Overflowon July 8, 2025 at 12:00 am
A buffer overflow has been discovered in strongSwan, which can lead to remote code execution.
- GLSA 202507-05: NTP: Multiple Vulnerabilitieson July 8, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in NTP, the worst of which could lead to the execution of arbitrary code.
- GLSA 202507-03: ClamAV: Multiple Vulnerabilitieson July 8, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in ClamAV, the worst of which could lead to arbitrary code execution.
- GLSA 202507-07: Chromium, Google Chrome, Microsoft Edge. Opera: Multiple Vulnerabilitieson July 8, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.
- GLSA 202507-08: REXML: Multiple Vulnerabilitieson July 8, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in REXML, the worst of which can lead to a denial of service.
- GLSA 202507-09: Git: Multiple Vulnerabilitieson July 8, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Git, the worst of which could lead to arbitrary code execution.
- GLSA 202507-06: openh264: Heap Overflowon July 8, 2025 at 12:00 am
A heap overflow has been discovered in openh264, which can lead to arbitrary code execution.
- GLSA 202507-02: UDisks, libblockdev: Privilege escalationon July 1, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in UDisks, libblockdev, the worst of which could result in privilege escalation.
- GLSA 202507-01: sudo: Privilege escalationon July 1, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in sudo, the worst of which could result in privilege escalation.
- GLSA 202506-12: sysstat: Arbitrary Code Executionon June 15, 2025 at 12:00 am
An integer overflow vulnerability has been found in sysstat which could result in arbitrary code execution.
- GLSA 202506-13: Konsole: Code executionon June 15, 2025 at 12:00 am
An input sanitization flaw in Konsole might allow remote attackers to execute commands via a malicious URL
- GLSA 202506-02: GStreamer, GStreamer Plugins: Multiple Vulnerabilitieson June 12, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.
- GLSA 202506-03: LibreOffice: Multiple Vulnerabilitieson June 12, 2025 at 12:00 am
Multiple vulnerabilities have been found in LibreOffice, the worst of which could result in user-assisted code execution.
- GLSA 202506-04: X.Org X server, XWayland: Multiple Vulnerabilitieson June 12, 2025 at 12:00 am
A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.
- GLSA 202506-06: Qt: Multiple Vulnerabilitieson June 12, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Qt, the worst of which can lead to arbitrary code execution.
- GLSA 202506-07: Python, PyPy: Multiple Vulnerabilitieson June 12, 2025 at 12:00 am
Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.
- GLSA 202506-08: Node.js: Multiple Vulnerabilitieson June 12, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Node.js, the worst of which can lead to arbitrary code execution.
- GLSA 202506-09: OpenImageIO: Multiple Vulnerabilitieson June 12, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in OpenImageIO, the worst of which can lead to execution of arbitrary code.
- GLSA 202506-10: File-Find-Rule: Shell Injectionon June 12, 2025 at 12:00 am
A vulnerability has been discovered in File-Find-Rule, which can lead to shell injection.
- GLSA 202506-11: YAML-LibYAML: Shell injectionon June 12, 2025 at 12:00 am
A vulnerability has been discovered in YAML-LibYAML, which can lead to shell injection.
- GLSA 202506-01: Emacs: Multiple Vulnerabilitieson June 12, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Emacs, the worst of which could lead to arbitrary code execution.
- GLSA 202506-05: GTK+ 3: Search path vulnerabilityon June 12, 2025 at 12:00 am
A vulnerability has been discovered in Gtk+, which can lead to arbitrary code execution.
- GLSA 202505-11: Node.js: Multiple Vulnerabilitieson May 17, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.
- GLSA 202505-07: FreeType: Remote Code Executionon May 14, 2025 at 12:00 am
A vulnerability has been discovered in FreeType, which can lead to remote code execution.
- GLSA 202505-08: Spidermonkey: Multiple Vulnerabilitieson May 14, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Spidermonkey, the worst of which could lead to execution of arbitrary code.
- GLSA 202505-09: Atop: Heap Corruptionon May 14, 2025 at 12:00 am
A vulnerability has been discovered in Atop, which can possibly lead to arbitrary code execution.
- GLSA 202505-10: Tracker miners: Sandbox weaknesson May 14, 2025 at 12:00 am
A vulnerability has been discovered in Tracker miners, which can lead to a sandbox escape and execution of arbitrary code.
- GLSA 202505-06: glibc: Buffer Overflowon May 12, 2025 at 12:00 am
A vulnerability has been discovered in glibc, which can lead to execution of arbitrary code..
