Packages
Get Gentoo!
gentoo.org sites
gentoo.org
Wiki
Bugs
Forums
Packages
Planet
Archives
Sources
Infra Status
Home
Packages
Maintainers
USE flags
Architectures
About
Gentoo Project
GNOME Desktop
Packages
358
Stabilization
30
Outdated
109
Pull requests
89
Bugs
545
Security
18
Changelog
Security Bug Reports
dev-libs/libcroco: multiple vulnerabilities (CVE-2017-{8834,8871})
621258 - Assigned to Gentoo Security
mail-client/evolution: gpg key trust extrapolation to new UIDs
676366 - Assigned to Gentoo Security
<gnome-base/gdm-40.0: authentication bypass (CVE-2020-27837)
762460 - Assigned to Gentoo Security
<app-arch/file-roller-3.38.1: arbitrary file overwrite via malicious archive
780858 - Assigned to Gentoo Security
net-libs/libgrss: Does not perform TLS certificate validation (CVE-2016-20011)
792264 - Assigned to Gentoo Security
<media-libs/grilo-0.3.14: improper TLS verification (CVE-2021-39365)
809713 - Assigned to Gentoo Security
gnome-extra/libgda: improper TLS verification (CVE-2021-39359)
809719 - Assigned to Gentoo Security
<x11-libs/gdk-pixbuf-2.42.9: heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files (CVE-2021-44648)
831077 - Assigned to Gentoo Security
<gnome-base/nautilus-44.0: NULL pointer dereference via pasting crafted zip file
881509 - Assigned to Gentoo Security
<dev-libs/libgit2-1.5.1[ssh]: fails to verify SSH keys by default
891525 - Assigned to Gentoo Security
<app-misc/tracker-miners-3.5.3: Sandbox weakness
916378 - Assigned to Gentoo Security
<gnome-base/librsvg-2.56.3: arbitrary file read via crafted xinclude href
918100 - Assigned to Gentoo Security
<gnome-base/gnome-shell-45.0: lock screen bypass via screenshot tool
918713 - Assigned to Gentoo Security
<net-libs/webkit-gtk-2.42.5: multiple vulnerabilities
923851 - Assigned to Gentoo Security
<dev-libs/libgit2-1.7.2: multiple vulnerabilities
923971 - Assigned to Gentoo Security
<net-libs/webkit-gtk-2.44.0: multiple vulnerabilities
930116 - Assigned to Gentoo Security
<dev-libs/glib-2.78.6: Signal subscription vulnerabilities
931507 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on
Gentoo Bugzilla
and assign them to the Gentoo Security product and Vulnerabilities component.