Gentoo Linux security advisories This feed contains new Gentoo Linux security advisories. Contact security@gentoo.org with questions.
- GLSA 202508-01: PAM: Multiple Vulnerabilitieson August 6, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in PAM, the worst of which could lead to privilege escalation.
- GLSA 202508-05: Spreadsheet-ParseExcel: Arbitrary Code Executionon August 6, 2025 at 12:00 am
A vulnerability has been discovered in Spreadsheet-ParseExcel, which can lead to arbitrary code execution.
- GLSA 202508-02: GPL Ghostscript: Multiple Vulnerabilitieson August 6, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in GPL Ghostscript, the worst of which can lead to execution of arbitrary code.
- GLSA 202508-03: FontForge: Arbitrary Code Executionon August 6, 2025 at 12:00 am
A vulnerability has been discovered in FontForge, which can lead to arbitrary code execution.
- GLSA 202508-04: Mozilla Network Security Service (NSS): TLS RSA decryption timing attackon August 6, 2025 at 12:00 am
A vulnerability has been discovered in NSS, which can lead to the recovery of private data.
- GLSA 202508-06: Composer: Multiple Vulnerabilitieson August 6, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Composer, the worst of which can lead to arbitrary code execution.
- GLSA 202507-10: Roundcube: Multiple Vulnerabilitieson July 22, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Roundcube, the worst of which could lead to execution of arbitrary code.
- GLSA 202507-03: ClamAV: Multiple Vulnerabilitieson July 8, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in ClamAV, the worst of which could lead to arbitrary code execution.
- GLSA 202507-04: strongSwan: Buffer Overflowon July 8, 2025 at 12:00 am
A buffer overflow has been discovered in strongSwan, which can lead to remote code execution.
- GLSA 202507-05: NTP: Multiple Vulnerabilitieson July 8, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in NTP, the worst of which could lead to the execution of arbitrary code.
- GLSA 202507-06: openh264: Heap Overflowon July 8, 2025 at 12:00 am
A heap overflow has been discovered in openh264, which can lead to arbitrary code execution.
- GLSA 202507-07: Chromium, Google Chrome, Microsoft Edge. Opera: Multiple Vulnerabilitieson July 8, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.
- GLSA 202507-08: REXML: Multiple Vulnerabilitieson July 8, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in REXML, the worst of which can lead to a denial of service.
- GLSA 202507-09: Git: Multiple Vulnerabilitieson July 8, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Git, the worst of which could lead to arbitrary code execution.
- GLSA 202507-01: sudo: Privilege escalationon July 1, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in sudo, the worst of which could result in privilege escalation.
- GLSA 202507-02: UDisks, libblockdev: Privilege escalationon July 1, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in UDisks, libblockdev, the worst of which could result in privilege escalation.
- GLSA 202506-12: sysstat: Arbitrary Code Executionon June 15, 2025 at 12:00 am
An integer overflow vulnerability has been found in sysstat which could result in arbitrary code execution.
- GLSA 202506-13: Konsole: Code executionon June 15, 2025 at 12:00 am
An input sanitization flaw in Konsole might allow remote attackers to execute commands via a malicious URL
- GLSA 202506-02: GStreamer, GStreamer Plugins: Multiple Vulnerabilitieson June 12, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution.
- GLSA 202506-03: LibreOffice: Multiple Vulnerabilitieson June 12, 2025 at 12:00 am
Multiple vulnerabilities have been found in LibreOffice, the worst of which could result in user-assisted code execution.
- GLSA 202506-01: Emacs: Multiple Vulnerabilitieson June 12, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Emacs, the worst of which could lead to arbitrary code execution.
- GLSA 202506-05: GTK+ 3: Search path vulnerabilityon June 12, 2025 at 12:00 am
A vulnerability has been discovered in Gtk+, which can lead to arbitrary code execution.
- GLSA 202506-06: Qt: Multiple Vulnerabilitieson June 12, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Qt, the worst of which can lead to arbitrary code execution.
- GLSA 202506-07: Python, PyPy: Multiple Vulnerabilitieson June 12, 2025 at 12:00 am
Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.
- GLSA 202506-08: Node.js: Multiple Vulnerabilitieson June 12, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Node.js, the worst of which can lead to arbitrary code execution.
- GLSA 202506-09: OpenImageIO: Multiple Vulnerabilitieson June 12, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in OpenImageIO, the worst of which can lead to execution of arbitrary code.
- GLSA 202506-10: File-Find-Rule: Shell Injectionon June 12, 2025 at 12:00 am
A vulnerability has been discovered in File-Find-Rule, which can lead to shell injection.
- GLSA 202506-11: YAML-LibYAML: Shell injectionon June 12, 2025 at 12:00 am
A vulnerability has been discovered in YAML-LibYAML, which can lead to shell injection.
- GLSA 202506-04: X.Org X server, XWayland: Multiple Vulnerabilitieson June 12, 2025 at 12:00 am
A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.
- GLSA 202505-11: Node.js: Multiple Vulnerabilitieson May 17, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Node.js, the worst of which could lead to execution of arbitrary code.
- GLSA 202505-07: FreeType: Remote Code Executionon May 14, 2025 at 12:00 am
A vulnerability has been discovered in FreeType, which can lead to remote code execution.
- GLSA 202505-08: Spidermonkey: Multiple Vulnerabilitieson May 14, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Spidermonkey, the worst of which could lead to execution of arbitrary code.
- GLSA 202505-09: Atop: Heap Corruptionon May 14, 2025 at 12:00 am
A vulnerability has been discovered in Atop, which can possibly lead to arbitrary code execution.
- GLSA 202505-10: Tracker miners: Sandbox weaknesson May 14, 2025 at 12:00 am
A vulnerability has been discovered in Tracker miners, which can lead to a sandbox escape and execution of arbitrary code.
- GLSA 202505-02: Mozilla Firefox: Multiple Vulnerabilitieson May 12, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.
- GLSA 202505-03: Mozilla Thunderbird: Multiple Vulnerabilitieson May 12, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.
- GLSA 202505-04: NVIDIA Drivers: Multiple Vulnerabilitieson May 12, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in NVIDIA Drivers, the worst of which could result in arbitrary code execution.
- GLSA 202505-05: Orc: Arbitrary Code Executionon May 12, 2025 at 12:00 am
A vulnerability has been discovered in Orc, which can lead to arbitrary code execution
- GLSA 202505-06: glibc: Buffer Overflowon May 12, 2025 at 12:00 am
A vulnerability has been discovered in glibc, which can lead to execution of arbitrary code..
- GLSA 202505-01: PAM: Multiple Vulnerabilitieson May 12, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in PAM, the worst of which could lead to password leakage.
- GLSA 202504-01: XZ Utils: Use after freeon April 5, 2025 at 12:00 am
A vulnerability has been discovered in XZ Utils, which could lead to denial of service.
- GLSA 202502-01: OpenSSH: Multiple Vulnerabilitieson February 18, 2025 at 12:00 am
Multiple vulnerabilities have been found in OpenSSH, the worst of which could allow a remote attacker to gain unauthorized access.
- GLSA 202501-04: Yubico pam-u2f: Partial Authentication Bypasson January 23, 2025 at 12:00 am
A vulnerability has been discovered in Yubico pam-u2f, which can lead to a partial authentication bypass.
- GLSA 202501-05: libuv: Hostname Truncationon January 23, 2025 at 12:00 am
A vulnerability has been discovered in libuv, where hostname truncation can lead to attacker-controlled lookups.
- GLSA 202501-06: GPL Ghostscript: Multiple Vulnerabilitieson January 23, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in GPL Ghostscript, the worst of which could lead to arbitrary code execution.
- GLSA 202501-07: libgsf: Multiple Vulnerabilitieson January 23, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in libgsf, the worst of which can lead to arbitrary code execution.
- GLSA 202501-08: Qt: Buffer Overflowon January 23, 2025 at 12:00 am
A vulnerability has been discovered in Qt, where a buffer overflow can lead to denial of service.
- GLSA 202501-09: QtWebEngine: Multiple Vulnerabilitieson January 23, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.
- GLSA 202501-10: Mozilla Firefox: Multiple Vulnerabilitieson January 23, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.
- GLSA 202501-11: PHP: Multiple Vulnerabilitieson January 23, 2025 at 12:00 am
Multiple vulnerabilities have been discovered in PHP, the worst of which could lead to arbitrary code execution.
