gitweb.gentoo.org
data/glsa.git - Gentoo Linux Security Advisories
https://gitweb.gentoo.org/data/glsa.git/tree
Gentoo Linux Security Advisories. Gentoo Security security@gentoo.org. Please feel free to contact us. 2001–2016 Gentoo Foundation, Inc. Gentoo is a trademark of the Gentoo Foundation, Inc. The contents of this document, unless otherwise expressly stated, are licensed under the CC-BY-SA-3.0. License. The Gentoo Name and Logo Usage Guidelines.
security.gentoo.org
Gentoo Security
https://security.gentoo.org/subscribe
Check your system's status. To check your system's security status. To see all advisories that affect your system, run:. If you don't have the utility installed, run. For more information, review the documentation. Our advisories are posted to the. You can subscribe by sending an emtpy e-mail to:. Gentoo-announce subscribe@lists.gentoo.org. A confirmation email will be sent. Reply to this email to complete the subscription. Feeds that you can subscribe to using your news reader:. Atom 1.4.3.
security.gentoo.org
Multiple packages, Multiple vulnerabilities fixed in 2010 (GLSA 201412-08) — Gentoo Security
https://security.gentoo.org/glsa/201412-08
Multiple packages, Multiple vulnerabilities fixed in 2010 — GLSA 201412-08. This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution. Please see the package list and CVE identifiers below for more information. For more information on the packages listed in this GLSA, please see their homepage referenced in the ebuild. Emerge - syn...
wiki.gentoo.org
Project:Infrastructure/Developer E-Mail - Gentoo Wiki
https://wiki.gentoo.org/wiki/Project:Infrastructure/Developer_E-Mail
This document describes what you, as a Gentoo Developer, can expect from our e-mail system, and provides configuration details you require. Gentoo developer e-mail possibilities. Using the mailbox on dev.gentoo.org. Using dev.gentoo.org for your e-mails. Accessing dev.gentoo.org using POP3 and STARTTLS or POP3S. Accessing dev.gentoo.org using IMAP and STARTTLS or IMAPS. Using dev.gentoo.org as a mail relay server. Setting up procmail rules for Spam Checking. Setting up procmail for Reply-To handling.
security.gentoo.org
Portage: Man-in-the-middle attack (GLSA 201507-16) — Gentoo Security
https://security.gentoo.org/glsa/201507-16
Portage: Man-in-the-middle attack — GLSA 201507-16. A vulnerability in Portage's urlopen function could allow a remote attacker to conduct a man-in-the-middle attack. Portage is the package management and distribution system for Gentoo. Portage does not verify X.509 SSL certificates properly if HTTPS is used. A remote attacker can spoof servers and modify binary package lists via specially crafted certificates. There is no known workaround at this time. July 10, 2015. July 10, 2015: 2.
security.gentoo.org
SNMP: Denial of Service (GLSA 201507-17) — Gentoo Security
https://security.gentoo.org/glsa/201507-17
SNMP: Denial of Service — GLSA 201507-17. A vulnerability in SNMP could lead to a Denial of Service condition. SNMP is a widely used protocol for monitoring the health and welfare of network equipment. A specially crafted trap message triggers a conversion to an erroneous variable type when the -OQ option is used. A remote attacker could possibly cause a Denial of Service condition. There is no known workaround at this time. All SNMP users should upgrade to the latest version:. July 10, 2015.
security.gentoo.org
Chromium: Multiple vulnerabilities (GLSA 201507-18) — Gentoo Security
https://security.gentoo.org/glsa/201507-18
Chromium: Multiple vulnerabilities — GLSA 201507-18. Multiple vulnerabilities have been found in Chromium allowing remote attackers to bypass security restrictions. Chromium is an open-source web browser project. Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details. A remote attacker could bypass security restrictions. There is no known workaround at this time. All Chromium users should upgrade to the latest version:. July 10, 2015.
security.gentoo.org
Oracle JRE/JDK: Multiple vulnerabilities (GLSA 201507-14) — Gentoo Security
https://security.gentoo.org/glsa/201507-14
Oracle JRE/JDK: Multiple vulnerabilities — GLSA 201507-14. Multiple vulnerabilities have been found in Oracle JRE/JDK, allowing both local and remote attackers to compromise various Java components. The Oracle Java Development Kit (JDK) and the Oracle Java Runtime Environment (JRE) provide the Oracle Java platform. Multiple vulnerabilities have been discovered in Oracle JRE/JDK. Please review the CVE identifiers referenced below for details. There is no workaround at this time. July 10, 2015. License....
security.gentoo.org
libCapsiNetwork: Denial of Service (GLSA 201507-12) — Gentoo Security
https://security.gentoo.org/glsa/201507-12
LibCapsiNetwork: Denial of Service — GLSA 201507-12. A buffer overflow in libcapsinetwork might allow remote attackers to cause a Denial of Service condition. LibCapsiNetwork is a C network library to allow fast development of server daemon processes. An off-by-one buffer overflow in libcapsinetwork network handling code is discovered. A remote attacker could send a specially crafted request to application, that is linked with libcapsinetwork, possibly resulting in a Denial of Service condition.
devmanual.gentoo.org
Master Index – Gentoo Development Guide
https://devmanual.gentoo.org/index.html
This document is an ongoing work in progress. It contains gaps, inaccuracies, omissions, typos and the occasional outright lie. The intent is to make a handbook giving developers and users correct, detailed, up to date technical content. Contributions are encouraged. See the Contributing to This Document. Section for how to get started. If you have any corrections, suggestions or improvements please look at the bug list. And file a new bug. Section lists specific contributions to this manual. Gentoo is a...
SOCIAL ENGAGEMENT