dev-util – Gentoo Packages

Security Bug Reports

dev-util/premake:5: contains several *vulnerable* bundled libraries (curl, mbedtls, ...)
773475 - Assigned to Gentoo Security
dev-util/cflow: Use-after-free vulnerability (CVE-2020-23856)
790842 - Assigned to Gentoo Security
<dev-util/re2c-3.1: infinite recursion
836372 - Assigned to Gentoo Security
<dev-util/pycharm-{community,professional}-2022.1: debugger port exposure
842270 - Assigned to Gentoo Security
dev-util/bingrep: 'cargo audit' reports one or more bundled CRATES as vulnerable
864052 - Assigned to Gentoo Security
<dev-util/cargo-ebuild-0.5.4-r1: 'cargo audit' reports one or more bundled CRATES as vulnerable
864061 - Assigned to Gentoo Security
dev-util/rustup: 'cargo audit' reports one or more bundled CRATES as vulnerable
864067 - Assigned to Gentoo Security
dev-util/wachy: 'cargo audit' reports one or more bundled CRATES as vulnerable
864076 - Assigned to Gentoo Security
dev-util/wasmer: 'cargo audit' reports one or more bundled CRATES as vulnerable
864079 - Assigned to Gentoo Security
dev-util/gitlab-runner: user jumping vulnerability
891253 - Assigned to Gentoo Security
<dev-util/pkgconf-1.8.1: Billion Laughs vulnerability
891647 - Assigned to Gentoo Security
dev-debug/edb-debugger: denial of service vulnerability
903803 - Assigned to Gentoo Security
<dev-util/librnp-0.16.3: Multiple vulnerabilities
904250 - Assigned to Gentoo Security
<dev-util/nvidia-cuda-toolkit-12.1.0: multiple vulnerabilities
904943 - Assigned to Gentoo Security
dev-util/cflow: stack overflow
906713 - Assigned to Gentoo Security
<dev-util/diffoscope-257: Information disclosure vulnerability when diffing GPG artifacts
924883 - Assigned to Gentoo Security
<dev-util/jenkins-{2.44.1:lts,2.442:0}: multiple vulnerabilities
925210 - Assigned to Gentoo Security
<dev-util/diffoscope-276: unsafe comparison of Python bytecode files
938541 - Assigned to Gentoo Security
<dev-util/jenkins-bin-{2.462.3:lts,2.479:0}: multiple vulnerabilities
940680 - Assigned to Gentoo Security

Contact Information

Please file new vulnerability reports on Gentoo Bugzilla and assign them to the Gentoo Security product and Vulnerabilities component.