This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --HjMTWJaeBCgNagSjjFPllHGO1w3MTcbje Content-Type: multipart/mixed; boundary="vcj52e6btqhIadqsOR3iwUjWE9ub7ICQ8" From: Aaron Bauman <bman@gentoo.org> To: gentoo-announce@lists.gentoo.org Message-ID: <9fa6e917-586c-69e2-e59e-db460db4898c@gentoo.org> Subject: [ GLSA 201701-32 ] phpMyAdmin: Multiple vulnerabilities
--vcj52e6btqhIadqsOR3iwUjWE9ub7ICQ8 Content-Type: multipart/alternative; boundary="------------6EB1D12AAD40214B2162A447"
This is a multi-part message in MIME format. --------------6EB1D12AAD40214B2162A447 Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201701-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal Title: phpMyAdmin: Multiple vulnerabilities Date: January 11, 2017 Bugs: #586964, #593582, #600814 ID: 201701-32
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis ========
Multiple vulnerabilities have been found in phpMyAdmin, the worst of which could lead to arbitrary code execution.
Background ==========
phpMyAdmin is a web-based management tool for MySQL databases.
Affected packages =================
------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-db/phpmyadmin < 4.6.5.1 >= 4.6.5.1
Description ===========
Multiple vulnerabilities have been discovered in phpMyAdmin. Please review the CVE identifiers referenced below for details.
Impact ======
A authenticated remote attacker could exploit these vulnerabilities to execute arbitrary PHP Code, inject SQL code, or to conduct Cross-Site Scripting attacks.
In certain configurations, an unauthenticated remote attacker could cause a Denial of Service condition.
Workaround ==========
There is no known workaround at this time.
Resolution ==========
All phpMyAdmin users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/phpmyadmin-4.6.5.1"
References ==========
[ 1 ] CVE-2016-4412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4412 [ 2 ] CVE-2016-5097 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5097 [ 3 ] CVE-2016-5098 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5098 [ 4 ] CVE-2016-5099 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5099 [ 5 ] CVE-2016-5701 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5701 [ 6 ] CVE-2016-5702 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5702 [ 7 ] CVE-2016-5703 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5703 [ 8 ] CVE-2016-5704 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5704 [ 9 ] CVE-2016-5705 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5705 [ 10 ] CVE-2016-5706 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5706 [ 11 ] CVE-2016-5730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5730 [ 12 ] CVE-2016-5731 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5731 [ 13 ] CVE-2016-5732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5732 [ 14 ] CVE-2016-5733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5733 [ 15 ] CVE-2016-5734 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5734 [ 16 ] CVE-2016-5739 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5739 [ 17 ] CVE-2016-6606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6606 [ 18 ] CVE-2016-6607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6607 [ 19 ] CVE-2016-6608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6608 [ 20 ] CVE-2016-6609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6609 [ 21 ] CVE-2016-6610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6610 [ 22 ] CVE-2016-6611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6611 [ 23 ] CVE-2016-6612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6612 [ 24 ] CVE-2016-6613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6613 [ 25 ] CVE-2016-6614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6614 [ 26 ] CVE-2016-6615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6615 [ 27 ] CVE-2016-6616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6616 [ 28 ] CVE-2016-6617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6617 [ 29 ] CVE-2016-6618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6618 [ 30 ] CVE-2016-6619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6619 [ 31 ] CVE-2016-6620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6620 [ 32 ] CVE-2016-6622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6622 [ 33 ] CVE-2016-6623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6623 [ 34 ] CVE-2016-6624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6624 [ 35 ] CVE-2016-6625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6625 [ 36 ] CVE-2016-6626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6626 [ 37 ] CVE-2016-6627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6627 [ 38 ] CVE-2016-6628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6628 [ 39 ] CVE-2016-6629 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6629 [ 40 ] CVE-2016-6630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6630 [ 41 ] CVE-2016-6631 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6631 [ 42 ] CVE-2016-6632 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6632 [ 43 ] CVE-2016-6633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6633 [ 44 ] CVE-2016-9847 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9847 [ 45 ] CVE-2016-9848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9848 [ 46 ] CVE-2016-9849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9849 [ 47 ] CVE-2016-9850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9850 [ 48 ] CVE-2016-9851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9851 [ 49 ] CVE-2016-9852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9852 [ 50 ] CVE-2016-9853 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9853 [ 51 ] CVE-2016-9854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9854 [ 52 ] CVE-2016-9855 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9855 [ 53 ] CVE-2016-9856 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9856 [ 54 ] CVE-2016-9857 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9857 [ 55 ] CVE-2016-9858 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9858 [ 56 ] CVE-2016-9859 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9859 [ 57 ] CVE-2016-9860 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9860 [ 58 ] CVE-2016-9861 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9861 [ 59 ] CVE-2016-9862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9862 [ 60 ] CVE-2016-9863 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9863 [ 61 ] CVE-2016-9864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9864 [ 62 ] CVE-2016-9865 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9865 [ 63 ] CVE-2016-9866 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9866
Availability ============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201701-32
Concerns? =========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License =======
Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
--------------6EB1D12AAD40214B2162A447 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable
<html> <head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf= -8"> </head> <body bgcolor=3D"#FFFFFF" text=3D"#000000"> <p> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Du= tf-8"> </p> <pre style=3D"color: rgb(0, 0, 0); font-style: normal; font-variant-l= igatures: normal; font-variant-caps: normal; font-weight: normal; letter-= spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-tr= ansform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0= px; word-wrap: break-word; white-space: pre-wrap;">- - - - - - - - - - - = - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201701-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - <a class=3D"moz-txt-link-freet= ext" href=3D"https://security.gentoo.org/">https://security.gentoo.org/</= a> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal Title: phpMyAdmin: Multiple vulnerabilities Date: January 11, 2017 Bugs: #586964, #593582, #600814 ID: 201701-32
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis =3D=3D=3D=3D=3D=3D=3D=3D
Multiple vulnerabilities have been found in phpMyAdmin, the worst of which could lead to arbitrary code execution.
Background =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
phpMyAdmin is a web-based management tool for MySQL databases.
Affected packages =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-db/phpmyadmin < 4.6.5.1 >=3D 4.6= =2E5.1=20
Description =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Multiple vulnerabilities have been discovered in phpMyAdmin. Please review the CVE identifiers referenced below for details.
Impact =3D=3D=3D=3D=3D=3D
A authenticated remote attacker could exploit these vulnerabilities to execute arbitrary PHP Code, inject SQL code, or to conduct Cross-Site Scripting attacks.
In certain configurations, an unauthenticated remote attacker could cause a Denial of Service condition.
Workaround =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
There is no known workaround at this time.
Resolution =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
All phpMyAdmin users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=3Ddev-db/phpmyadmin-4.6.5.1"
References =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
[ 1 ] CVE-2016-4412 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-4412">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-4412</a> [ 2 ] CVE-2016-5097 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-5097">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-5097</a> [ 3 ] CVE-2016-5098 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-5098">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-5098</a> [ 4 ] CVE-2016-5099 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-5099">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-5099</a> [ 5 ] CVE-2016-5701 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-5701">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-5701</a> [ 6 ] CVE-2016-5702 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-5702">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-5702</a> [ 7 ] CVE-2016-5703 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-5703">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-5703</a> [ 8 ] CVE-2016-5704 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-5704">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-5704</a> [ 9 ] CVE-2016-5705 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-5705">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-5705</a> [ 10 ] CVE-2016-5706 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-5706">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-5706</a> [ 11 ] CVE-2016-5730 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-5730">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-5730</a> [ 12 ] CVE-2016-5731 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-5731">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-5731</a> [ 13 ] CVE-2016-5732 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-5732">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-5732</a> [ 14 ] CVE-2016-5733 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-5733">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-5733</a> [ 15 ] CVE-2016-5734 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-5734">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-5734</a> [ 16 ] CVE-2016-5739 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-5739">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-5739</a> [ 17 ] CVE-2016-6606 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6606">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6606</a> [ 18 ] CVE-2016-6607 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6607">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6607</a> [ 19 ] CVE-2016-6608 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6608">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6608</a> [ 20 ] CVE-2016-6609 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6609">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6609</a> [ 21 ] CVE-2016-6610 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6610">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6610</a> [ 22 ] CVE-2016-6611 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6611">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6611</a> [ 23 ] CVE-2016-6612 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6612">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6612</a> [ 24 ] CVE-2016-6613 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6613">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6613</a> [ 25 ] CVE-2016-6614 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6614">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6614</a> [ 26 ] CVE-2016-6615 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6615">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6615</a> [ 27 ] CVE-2016-6616 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6616">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6616</a> [ 28 ] CVE-2016-6617 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6617">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6617</a> [ 29 ] CVE-2016-6618 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6618">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6618</a> [ 30 ] CVE-2016-6619 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6619">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6619</a> [ 31 ] CVE-2016-6620 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6620">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6620</a> [ 32 ] CVE-2016-6622 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6622">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6622</a> [ 33 ] CVE-2016-6623 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6623">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6623</a> [ 34 ] CVE-2016-6624 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6624">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6624</a> [ 35 ] CVE-2016-6625 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6625">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6625</a> [ 36 ] CVE-2016-6626 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6626">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6626</a> [ 37 ] CVE-2016-6627 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6627">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6627</a> [ 38 ] CVE-2016-6628 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6628">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6628</a> [ 39 ] CVE-2016-6629 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6629">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6629</a> [ 40 ] CVE-2016-6630 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6630">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6630</a> [ 41 ] CVE-2016-6631 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6631">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6631</a> [ 42 ] CVE-2016-6632 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6632">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6632</a> [ 43 ] CVE-2016-6633 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-6633">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-6633</a> [ 44 ] CVE-2016-9847 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-9847">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-9847</a> [ 45 ] CVE-2016-9848 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-9848">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-9848</a> [ 46 ] CVE-2016-9849 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-9849">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-9849</a> [ 47 ] CVE-2016-9850 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-9850">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-9850</a> [ 48 ] CVE-2016-9851 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-9851">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-9851</a> [ 49 ] CVE-2016-9852 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-9852">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-9852</a> [ 50 ] CVE-2016-9853 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-9853">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-9853</a> [ 51 ] CVE-2016-9854 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-9854">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-9854</a> [ 52 ] CVE-2016-9855 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-9855">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-9855</a> [ 53 ] CVE-2016-9856 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-9856">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-9856</a> [ 54 ] CVE-2016-9857 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-9857">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-9857</a> [ 55 ] CVE-2016-9858 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-9858">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-9858</a> [ 56 ] CVE-2016-9859 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-9859">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-9859</a> [ 57 ] CVE-2016-9860 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-9860">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-9860</a> [ 58 ] CVE-2016-9861 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-9861">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-9861</a> [ 59 ] CVE-2016-9862 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-9862">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-9862</a> [ 60 ] CVE-2016-9863 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-9863">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-9863</a> [ 61 ] CVE-2016-9864 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-9864">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-9864</a> [ 62 ] CVE-2016-9865 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-9865">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-9865</a> [ 63 ] CVE-2016-9866 <a class=3D"moz-txt-link-freetext" href=3D"http://nvd.nist.gov/nvd= =2Ecfm?cvename=3DCVE-2016-9866">http://nvd.nist.gov/nvd.cfm?cvename=3DCVE= -2016-9866</a>
Availability =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
<a class=3D"moz-txt-link-freetext" href=3D"https://security.gentoo.org/g= lsa/201701-32">https://security.gentoo.org/glsa/201701-32</a>
Concerns? =3D=3D=3D=3D=3D=3D=3D=3D=3D
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to <a class=3D"moz-txt-link-abbreviated" href=3D"mailto:security@gentoo.org"= >security@gentoo.org</a> or alternatively, you may file a bug at <a class=3D"moz-txt-link-freetext" href=3D"https://bugs.gentoo.org">https= ://bugs.gentoo.org</a>.
License =3D=3D=3D=3D=3D=3D=3D
Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
<a class=3D"moz-txt-link-freetext" href=3D"http://creativecommons.org/lic= enses/by-sa/2.5">http://creativecommons.org/licenses/by-sa/2.5</a></pre> </body> </html>
--------------6EB1D12AAD40214B2162A447--
--vcj52e6btqhIadqsOR3iwUjWE9ub7ICQ8--
--HjMTWJaeBCgNagSjjFPllHGO1w3MTcbje Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQJ8BAEBCgBmBQJYdi5BXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ1OTcyRDI4NDhFOEE0NDYwRTdERTY4QUM5 RjI4QkQ4QkQxRTM5NUZGAAoJEJ8ovYvR45X/3+4P/3nr45Ndi36w+HwebEmZBxMO uC/mH78JoFjHiXCVlknWHA9TKy50pTUmmfZ9xLGWMHSxOqfdnLHWjY1+Uw5QLWFb H+bCRmIDcmxQ/dBtkCGy26w0TFLD/mg98H8TE6yHcN+1FaVapTGaLZtxaMrZ0Hck 4WxUAKxa0rPbgUmilhJWIzeINH2C58ZAhnNAVFqgduYCsTfeMz9K6NrGG9zPw0wE AxzeJFWvblaaL5zDTcg1+nXFkhOLCSJl4KfyFqkItLDfjglPGkrs0qEuDD8vt3rS SNm5t4XcJv3tOp3ADpgLW4MMiTL3xr9O/olGZo3lMfrWEpxYIaX8XtJuUsv81yH9 GnbTbwq1hA9ZuTsnyLezt8uPUCgvbd0XADB42czFHsq/Jh+GjxxStWsHPv7+7SyS 87sBZmjYIB9tOXRlXIkOP/WCEXCnVVz97hOp2MBlDMmPrNoqf3MGMM/bLYcIpvCK XJdeBq9/5AbO6Y7rM3nHizDxij8XyXz1ajgXeJwAdji3UR6TYalABX3NRD2xUS0T CU1ASOhg3lXqzgc7gfccEcRVLyxun/fnKBc5//7/14KxqS8RHJUtc58OZafEyTFi j8kFydPhbB3Vx5ElTPAL6rI9J8hxeob3ZRmugZdS+78QZPJBXutBrTdTxq2ODcU7 BQp6JPFA+8mBPhy0Hpvh =bg4d -----END PGP SIGNATURE-----
--HjMTWJaeBCgNagSjjFPllHGO1w3MTcbje--
|