Patrick McLean – Gentoo Packages

Security Bug Reports

<app-text/tesseract-5.0.0: use after free vulnerability (CVE-2021-36081)
799791 - Assigned to Gentoo Security
<dev-libs/libbpf-0.7.0: multiple vulnerabilities
830368 - Assigned to Gentoo Security
sys-cluster/ceph: volume does not respect configured osd_dmcrypt_key_size
831047 - Assigned to Gentoo Security
<net-vpn/openvpn-2.5.6: potential authentication by-pass with multiple deferred authentication plug-ins
835514 - Assigned to Gentoo Security
dev-util/wachy: 'cargo audit' reports one or more bundled CRATES as vulnerable
864076 - Assigned to Gentoo Security
<net-dns/dnsmasq-2.87: write-after-free DoS in dhcpv6
867322 - Assigned to Gentoo Security
<app-arch/pxz-5.0_pre20220509: Race condition in setting permissions on output file
881377 - Assigned to Gentoo Security
<net-dns/bind-9.16.37: multiple vulnerabilities
891329 - Assigned to Gentoo Security
<net-dns/dnsmasq-2.90: excessive EDNS.0 UDP packet size limit
905321 - Assigned to Gentoo Security
sys-cluster/ceph: RGW crash
905339 - Assigned to Gentoo Security
<net-dns/bind-9.16.42: Multiple vulnerabilities
912265 - Assigned to Gentoo Security
<net-dns/bind-9.16.48: Stack buffer overflow
914365 - Assigned to Gentoo Security
<app-admin/salt-3005.4: multiple vulnerabilities
916512 - Assigned to Gentoo Security
<net-vpn/openvpn-2.6.7: Multiple vulnerabilities
917272 - Assigned to Gentoo Security
<sys-cluster/ceph-17.2.7: improperly verified POST keys
918410 - Assigned to Gentoo Security
net-vpn/openvpn: DoS via crafted reset packet
918673 - Assigned to Gentoo Security
<app-misc/jq-1.7.1: multiple vulnerabilities
920064 - Assigned to Gentoo Security
<net-dns/bind-9.16.48, <net-dns/bind-tools-9.16.48: multiple vulnerabilities
924447 - Assigned to Gentoo Security
<net-dns/dnsmasq-2.90: "KeyTrap" DNS DoS vulnerability
924448 - Assigned to Gentoo Security
<net-dns/bind-9.18.29: multiple vulnerabilities
936568 - Assigned to Gentoo Security
net-vpn/openvpn: multiple vulnerabilities
938533 - Assigned to Gentoo Security

Contact Information

Please file new vulnerability reports on Gentoo Bugzilla and assign them to the Gentoo Security product and Vulnerabilities component.

Gentoo DeveloperPatrick McLean

Security Bug Reports

Contact Information

Gentoo Developer
Patrick McLean