Gentoo Portage vulnerabilities

6 known vulnerabilities affecting gentoo/portage.

Total CVEs: 6
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 2, MEDIUM 3, LOW 1

Vulnerabilities

CVE-2016-20021 | CRITICAL | CVSS 9.8 | fixed in 3.0.47 | 2024-01-12
CWE-347: In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable.
nvd
CVE-2019-20384 | MEDIUM | CVSS 5.5 | ≤ 2.3.84 | 2020-01-21
CWE-362: Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64/nagios/plugins directory by leveraging access to the nagios user account, because this directory is writable in between a call to emake and a call to fowners.
nvd
CVE-2013-2100 | CRITICAL | CVSS 9.3 | v2.1.12 | 2014-09-29
CWE-310: The urlopen function in pym/portage/util/_urlopen.py in Gentoo Portage 2.1.12, when using HTTPS, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and modify binary package lists via a crafted certificate.
nvd
CVE-2008-4394 | MEDIUM | CVSS 6.9 | ≤ 2.1.4.4, v2.0.51.22, +3 more | 2008-10-10
Multiple untrusted search path vulnerabilities in Portage before 2.1.4.5 include the current working directory in the Python search path, which allows local users to execute arbitrary code via a modified Python module that is loaded by the (1) sys-apps/portage, (2) net-mail/fetchmail, (3) app-editors/leo ebuilds, and other ebuilds.
nvd
CVE-2007-6249 | LOW | CVSS 2.1 | ≤ 2.1.3.10 | 2007-12-15
CWE-200: etc-update in Portage before 2.1.3.11 on Gentoo Linux relies on the umask to set permissions for the merge file, often resulting in permissions weaker than those of the original files, which might allow local users to obtain sensitive information by reading the merge file.
nvd
CVE-2004-1901 | MEDIUM | CVSS 5.5 | fixed in 2.0.50, v2.0.50 | 2004-12-31
CWE-59: Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles.
nvd