{"id":268,"date":"2015-07-04T19:34:23","date_gmt":"2015-07-04T17:34:23","guid":{"rendered":"http:\/\/blogs.gentoo.org\/ago\/?page_id=268"},"modified":"2020-07-04T15:19:10","modified_gmt":"2020-07-04T13:19:10","slug":"advisories","status":"publish","type":"page","link":"https:\/\/blogs.gentoo.org\/ago\/advisories\/","title":{"rendered":"Advisories"},"content":{"rendered":"<p>Below, a table which summarizes:<br \/>\n&#8211; Vulnerabilities found by me;<br \/>\n&#8211; Bugs spotted by ASan\/fuzzers\/$other_tools that are not security relevant.<\/p>\n<table>\n<tbody>\n<tr>\n<th style=\"border: 1px solid black;text-align: center\">Summary<\/th>\n<th width=\"115\" style=\"border: 1px solid black;text-align: center\">CVE<\/th>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2015\/07\/16\/libav-divide-by-zero-in-ff_h263_decode_mba\">libav: divide-by-zero in ff_h263_decode_mba(ituh263dec.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2015-5479<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/02\/16\/portage-utils-heap-based-buffer-overflow-in-qlop-c\">portage-utils: heap-based buffer overflow in show_sync_history (qlop.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/02\/16\/portage-utils-stack-based-buffer-overflow-in-qfile-c\">portage-utils: stack-based buffer overflow in prepare_qfile_args (qfile.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/07\/28\/paps-heap-based-buffer-overflow-in-read_file-paps-c\">paps: heap-based buffer overflow in read_file (paps.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/07\/29\/postgresql-psql-heap-based-buffer-overflow-in-gets_fromfile-input-c\">postgresql: psql: heap-based buffer overflow in gets_fromFile (input.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/08\/01\/desktop-file-utils-desktop-file-validate-heap-based-buffer-overflow-in-validate-c\">desktop-file-utils: desktop-file-validate: heap-based buffer overflow in validate.c<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/08\/02\/syslog-ng-null-pointer-dereference-in-report_syntax_error-cfg-parser-c\">syslog-ng: NULL pointer dereference in report_syntax_error (cfg-parser.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/08\/03\/logrotate-heap-based-buffer-overflow-in-readconfigfile-config-c\">logrotate: heap-based buffer overflow in readConfigFile (config.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/08\/05\/wirouterkeyrec-divide-by-zero-in-agpf_get_serial-agpf-c\">WiRouterKeyRec: divide-by-zero in agpf_get_serial (agpf.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/08\/07\/libav-heap-based-buffer-overflow-in-ff_audio_resample-resample-c\">libav: heap-based buffer overflow in ff_audio_resample (resample.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-6832<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/08\/08\/wirouterkeyrec-signed-shift-in-agpf_check_agpf-agpf-c\">WiRouterKeyRec: signed shift in agpf_check_agpf (agpf.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/08\/08\/wirouterkeyrec-signed-integer-overflow-in-agpf_get_serial-agpf-c\">WiRouterKeyRec: signed integer overflow in agpf_get_serial (agpf.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/08\/08\/potrace-multiplesix-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c\">potrace: multiple(six) heap-based buffer overflow in bm_readbody_bmp (bitmap_io.c<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8698<br \/>\nCVE-2016-8699<br \/>\nCVE-2016-8700<br \/>\nCVE-2016-8701<br \/>\nCVE-2016-8702<br \/>\nCVE-2016-8703<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/08\/08\/potrace-divide-by-zero-in-bm_new-bitmap-h\">potrace: divide-by-zero in bm_new (bitmap.h)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8697<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/08\/08\/potrace-multiple-three-null-pointer-dereference-in-bm_readbody_bmp-bitmap_io-c\">potrace: multiple (three) NULL pointer dereference in bm_readbody_bmp (bitmap_io.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8694<br \/>\nCVE-2016-8695<br \/>\nCVE-2016-8696<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/08\/20\/libav-stack-based-buffer-overflow-in-aac_sync-aac_parser-c\/\">libav: stack-based buffer overflow in aac_sync (aac_parser.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-7393<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/08\/23\/graphicsmagick-two-heap-based-buffer-overflow-in-readtiffimage-tiff-c\">graphicsmagick: two heap-based buffer overflow in ReadTIFFImage (tiff.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-7449<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/08\/29\/potrace-null-pointer-dereference-in-findnext-decompose-c\">potrace: invalid memory access in findnext (decompose.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8685<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/08\/29\/potrace-memory-allocation-failure\">potrace: memory allocation failure<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8686<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/06\/ettercap-etterlog-multiple-three-heap-based-buffer-overflow-el_profiles-c\">ettercap: etterlog: multiple (three) heap-based buffer overflow (el_profiles.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/07\/graphicsmagick-null-pointer-dereference-in-magickstrlcpy-utility-c\">graphicsmagick: NULL pointer dereference in MagickStrlCpy (utility.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-7449<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/09\/ettercap-etterlog-null-pointer-dereference-in-fingerprint_search-ec_fingerprint-c\">ettercap: etterlog: NULL pointer dereference in fingerprint_search (ec_fingerprint.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/10\/autotrace-heap-based-buffer-overflow-in-pstoedit_suffix_table_init-output-pstoedit-c\">autotrace: heap-based buffer overflow in pstoedit_suffix_table_init (output-pstoedit.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-7392<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/11\/libarchive-bsdtar-heap-based-buffer-overflow-in-detect_form-archive_read_support_format_mtree-c\">libarchive: bsdtar: heap-based buffer overflow in detect_form (archive_read_support_format_mtree.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8688<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/11\/libarchive-bsdtar-heap-based-buffer-overflow-in-read_header-archive_read_support_format_7zip-c\">libarchive: bsdtar: heap-based buffer overflow in read_Header (archive_read_support_format_7zip.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8689<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/11\/libarchive-bsdtar-memory-corruptionunknown-crash-in-bid_entry-archive_read_support_format_mtree-c\/\">libarchive: bsdtar: memory corruption\/unknown-crash in bid_entry (archive_read_support_format_mtree.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8688<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/11\/libarchive-bsdtar-heap-based-buffer-overflow-in-bid_entry-archive_read_support_format_mtree-c\">libarchive: bsdtar: heap-based buffer overflow in bid_entry (archive_read_support_format_mtree.c)<\/a><\/p>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8688<\/td>\n<\/td>\n<td><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/11\/libarchive-bsdtar-use-after-free-in-bid_entry-archive_read_support_format_mtree-c\/\">libarchive: bsdtar use-after-free in bid_entry (archive_read_support_format_mtree.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8688<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/11\/libarchive-bsdtar-use-after-free-in-detect_form-archive_read_support_format_mtree-c\/\">libarchive: bsdtar use-after-free in detect_form (archive_read_support_format_mtree.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8688<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/11\/libarchive-bsdtar-stack-based-buffer-overflow-in-bsdtar_expand_char-util-c\">libarchive: bsdtar: stack-based buffer overflow in bsdtar_expand_char (util.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8687<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/15\/graphicsmagick-stack-based-buffer-overflow-in-readsctimage-sct-c\">graphicsmagick: stack-based buffer overflow in ReadSCTImage (sct.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8682<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/15\/graphicsmagick-memory-allocation-failure-in-readpcximage-pcx-c\">graphicsmagick: memory allocation failure in ReadPCXImage (pcx.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8683<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/15\/graphicsmagick-memory-allocation-failure-in-magickmalloc-memory-c\">graphicsmagick: memory allocation failure in MagickMalloc (memory.c)<\/a>\n<\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8684<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/17\/libav-null-pointer-dereference-in-put_no_rnd_pixels8_xy2_mmx-rnd_template-c\">libav: NULL pointer dereference in put_no_rnd_pixels8_xy2_mmx (rnd_template.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-7424<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/20\/libav-null-pointer-dereference-in-ff_put_pixels8_xy2_mmx-rnd_template-c\/\">libav: invalid memory access in ff_put_pixels8_xy2_mmx (rnd_template.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-7477<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/21\/libav-divide-by-zero-in-sbr_make_f_master-aacsbr-c\/\">libav: divide-by-zero in sbr_make_f_master (aacsbr.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-7499<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/22\/mupdf-mutool-infinite-loop-in-gatherresourceinfo-pdfinfo-c\">mupdf: mutool: infinite loop in gatherresourceinfo (pdfinfo.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/22\/mupdf-use-after-free-in-pdf_to_num-pdf-object-c\">mupdf: use-after-free in pdf_to_num (pdf-object.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8674<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/24\/mupdf-mujstest-global-buffer-overflow-in-my_getline-jstest_main-c\">mupdf: mujstest: global-buffer-overflow in my_getline (jstest_main.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-10247<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/24\/mupdf-mujstest-global-buffer-overflow-in-main-jstest_main-c\">mupdf: mujstest: global-buffer-overflow in main (jstest_main.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-10246<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/07\/libav-null-pointer-dereference-in-get_vlc2_get_bits_h\">libav: null pointer dereference in get_vlc2 (get_bits.h)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8676<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/09\/25\/mupdf-mujstest-strcpy-param-overlap-in-main-jstest_main-c\">mupdf: mujstest: strcpy-param-overlap in main (jstest_main.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/02\/libdwarf-tag_tree_build-and-tag_attr_build-signed-shift\">libdwarf: tag_tree_build and tag_attr_build: signed shift<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/04\/libdwarf-heap-based-buffer-overflow-in-_dwarf_get_abbrev_for_code-dwarf_util-c\/\">libdwarf: heap-based buffer overflow in _dwarf_get_abbrev_for_code (dwarf_util.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8680<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/04\/libav-null-pointer-dereference-in-ff_put_pixels8_mmx-fpel_mmx-c\">libav: invalid memory access in ff_put_pixels8_mmx (fpel_mmx.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/06\/libdwarf-heap-based-buffer-overflow-in-_dwarf_get_abbrev_for_code-dwarf_util-c-2\">libdwarf: heap-based buffer overflow in _dwarf_get_abbrev_for_code (dwarf_util.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8681<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/06\/libdwarf-heap-based-buffer-overflow-in-_dwarf_get_size_of_val-dwarf_util-c\">libdwarf: heap-based buffer overflow in _dwarf_get_size_of_val (dwarf_util.c) (ANOTHER ONE)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8679<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/07\/imagemagick-heap-based-buffer-overflow-in-ispixelmonochrome-pixel-accessor-h\">imagemagick: heap-based buffer overflow in IsPixelMonochrome (pixel-accessor.h)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8678<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/07\/imagemagick-memory-allocate-failure-in-acquirequantumpixels-quantum-c\">imagemagick: memory allocate failure in AcquireQuantumPixels (quantum.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8677<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/14\/openssl-libcrypto-stack-based-buffer-overflow-in-err_error_string_n-err-c\">openssl: libcrypto: stack-based buffer overflow in ERR_error_string_n (err.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/16\/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c\">jasper: two NULL pointer dereference in bmp_getdata (bmp_dec.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8690<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/16\/jasper-two-divide-by-zero-in-jpc_dec_process_siz-jpc_dec-c\">jasper: two divide-by-zero in jpc_dec_process_siz (jpc_dec.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8691<br \/>\nCVE-2016-8692<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/16\/jasper-double-free-in-mem_close-jas_stream-c\">jasper: double-free in mem_close (jas_stream.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8693<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/17\/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c\">imagemagick: memory allocation failure in AcquireMagickMemory (memory.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8862<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/18\/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c\">jasper: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8887<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/18\/jasper-memory-allocation-failure-in-jas_malloc-jas_malloc-c\">jasper: memory allocation failure in jas_malloc (jas_malloc.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8886<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/18\/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690\">jasper: two NULL pointer dereference in bmp_getdata (bmp_dec.c) (Incomplete fix for CVE-2016-8690)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8884<br \/>\nCVE-2016-8885<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/18\/snzip-memory-allocation-failure-in-work_buffer_resize-snzip-c\">snzip: memory allocation failure in work_buffer_resize (snzip.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/18\/libwmf-memory-allocation-failure-in-wmf_malloc-api-c\/\">libwmf: memory allocation failure in wmf_malloc (api.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-9011<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/20\/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862\">imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-8866<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/20\/jasper-null-pointer-dereference-in-jpc_tsfb_synthesize-jpc_tsfb-c\">jasper: NULL pointer dereference in jpc_tsfb_synthesize (jpc_tsfb.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-10248<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/23\/jasper-heap-based-buffer-overflow-in-jpc_dec_tiledecode-jpc_dec-c\">jasper: heap-based buffer overflow in jpc_dec_tiledecode (jpc_dec.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-10249<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/10\/23\/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c-incomplete-fix-for-cve-2016-8887\/\">jasper: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (incomplete fix for CVE-2016-8887)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-10250<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/11\/04\/jasper-use-of-uninitialized-value-in-jpc_pi_nextcprl-jpc_t2cod-c\">jasper: use of uninitialized value in jpc_pi_nextcprl (jpc_t2cod.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-10251<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/11\/04\/elfutils-memory-allocation-failure-in-__libelf_set_rawdata_wrlock-elf_getdata-c\">elfutils: memory allocation failure in __libelf_set_rawdata_wrlock (elf_getdata.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-10255<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/11\/04\/elfutils-memory-allocation-failure-in-allocate_elf-common-h\">elfutils: memory allocation failure in allocate_elf (common.h)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-10254<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/11\/07\/jasper-use-after-free-in-jas_realloc-jas_malloc-c\">jasper: use after free in jas_realloc (jas_malloc.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-9262<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/11\/07\/libdwarf-heap-based-buffer-overflow-in-_dwarf_skim_forms-dwarf_macro5-c\">libdwarf: heap-based buffer overflow in _dwarf_skim_forms (dwarf_macro5.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-9275<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/11\/07\/libdwarf-heap-based-buffer-overflow-in-get_attr_value-print_die-c\">libdwarf: heap-based buffer overflow in get_attr_value (print_die.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/11\/07\/libdwarf-heap-based-buffer-overflow-in-dwarf_get_aranges_list-dwarf_arange-c\">libdwarf: heap-based buffer overflow in dwarf_get_aranges_list (dwarf_arange.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-9276<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/11\/07\/libdwarf-memory-allocation-failure-in-do_decompress_zlib-dwarf_init_finish-c\">libdwarf: memory allocation failure in do_decompress_zlib (dwarf_init_finish.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/11\/07\/libming-listmp3-global-buffer-overflow-in-printmp3headers-listmp3-c\/\"><br \/>\nlibming: listmp3: global-buffer-overflow in printMP3Headers (listmp3.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-9264<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/11\/09\/libtiff-memory-allocation-failure-in-_tiffcheckrealloc-tif_aux-c\">libtiff: memory allocation failure in _TIFFCheckRealloc (tif_aux.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/11\/09\/libming-listmp3-divide-by-zero-in-printmp3headers-listmp3-c\">libming: listmp3: divide-by-zero in printMP3Headers (listmp3.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-9265<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/11\/09\/libming-listmp3-left-shift-in-listmp3-c\">libming: listmp3: left shift in listmp3.c<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-9266<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/11\/16\/jasper-multiple-assertion-failure\">jasper: multiple Assertion failure<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-9387<br \/>\nCVE-2016-9388<br \/>\nCVE-2016-9389<br \/>\nCVE-2016-9390<br \/>\nCVE-2016-9391<br \/>\nCVE-2016-9392<br \/>\nCVE-2016-9393<br \/>\nCVE-2016-9394<br \/>\nCVE-2016-9395<br \/>\nCVE-2016-9396<br \/>\nCVE-2016-9397<br \/>\nCVE-2016-9398<br \/>\nCVE-2016-9399<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/11\/19\/imagemagick-heap-based-buffer-overflow-in-ispixelgray-pixel-accessor-h\">imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-9556<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/11\/19\/jasper-signed-integer-overflow-in-jas_image-c\">jasper: signed integer overflow in jas_image.c<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-9557<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/11\/19\/libdwarf-negation-overflow-in-dwarf_leb-c\/\">libdwarf: negation overflow in dwarf_leb.c<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-9558<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/11\/19\/imagemagick-null-pointer-must-never-be-null-tiff-c\">imagemagick: null pointer must never be null (tiff.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-9559<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/11\/20\/jasper-stack-based-buffer-overflow-in-jpc_tsfb_getbands2-jpc_tsfb-c\">jasper: stack-based buffer overflow in jpc_tsfb_getbands2 (jpc_tsfb.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-9560<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/11\/22\/metapixel-heap-based-buffer-overflow-in-open_gif_file-rwgif-c\">metapixel: heap-based buffer overflow in open_gif_file (rwgif.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/11\/22\/metapixel-multiple-assertion-failures\"><br \/>\nmetapixel: multiple assertion failures<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/12\/01\/libav-multiple-crashes-from-the-undefined-behavior-sanitizer\">libav: multiple crashes from the Undefined Behavior Sanitizer<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-9819<br \/>\nCVE-2016-9820<br \/>\nCVE-2016-9821<br \/>\nCVE-2016-9822<br \/>\nCVE-2016-9823<br \/>\nCVE-2016-9824<br \/>\nCVE-2016-9825<br \/>\nCVE-2016-9826<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/12\/01\/imagemagick-heap-based-buffer-overflow-in-ispixelgray-pixel-accessor-h-incomplete-fix-for-cve-2016-9556\">imagemagick: heap-based buffer overflow in IsPixelGray (pixel-accessor.h) (Incomplete fix for CVE-2016-9556)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-9556<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/12\/01\/libming-listswf-heap-based-buffer-overflow-in-parseswf_definefont-parser-c\">libming: listswf: heap-based buffer overflow in parseSWF_DEFINEFONT (parser.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-9829<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/12\/01\/libming-listswf-heap-based-buffer-overflow-in-parseswf_rgba-parser-c\">libming: listswf: heap-based buffer overflow in parseSWF_RGBA (parser.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-9831<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/12\/01\/libming-listswf-heap-based-buffer-overflow-in-_iprintf-outputtxt-c\">libming: listswf: heap-based buffer overflow in _iprintf (outputtxt.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-9827<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/12\/01\/libming-listswf-null-pointer-dereference-in-dumpbuffer-read-c\">libming: listswf: NULL pointer dereference in dumpBuffer (read.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-9828<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2016\/12\/01\/graphicsmagick-memory-allocation-failure-in-magickrealloc-memory-c\">graphicsmagick: memory allocation failure in MagickRealloc (memory.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-9830<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/01\/01\/libtiff-multiple-divide-by-zero\">libtiff: multiple divide-by-zero<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-10266<br \/>\nCVE-2016-10267<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/01\/01\/libtiff-multiple-heap-based-buffer-overflow\">libtiff: multiple heap-based buffer overflow<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-10092<br \/>\nCVE-2016-10093<br \/>\nCVE-2016-10094<br \/>\nCVE-2016-10268<br \/>\nCVE-2016-10269<br \/>\nCVE-2016-10270<br \/>\nCVE-2016-10271<br \/>\nCVE-2016-10272\n<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/01\/01\/libtiff-invalid-memory-read-in-t2p_writeproc-tiff2pdf-c\">libtiff: invalid memory READ in t2p_writeproc (tiff2pdf.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/01\/01\/libtiff-memcpy-param-overlap-in-_tiffmemcpy-tif_unix-c\">libtiff: memcpy-param-overlap in t2p_tile_collapse_left (tiff2pdf.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/01\/01\/libtiff-stack-based-buffer-overflow-in-_tiffvgetfield-tif_dir-c\">libtiff: stack-based buffer overflow in _TIFFVGetField (tif_dir.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-10095<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/01\/01\/libtiff-assertion-failure-in-readseparatetilesintobuffer-tiffcp-c\">libtiff: assertion failure in readSeparateTilesIntoBuffer (tiffcp.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/01\/01\/libtiff-null-pointer-dereference-in-tiffreadrawdata-tiffinfo-c\">libtiff: NULL pointer dereference in TIFFReadRawData (tiffinfo.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/01\/16\/jasper-multiple-crashes-with-ubsan\">jasper: multiple crashes with UBSAN<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-5498<br \/>\nCVE-2017-5499<br \/>\nCVE-2017-5500<br \/>\nCVE-2017-5501<br \/>\nCVE-2017-5502<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/01\/16\/jasper-invalid-memory-write-in-dec_clnpass-jpc_t1dec-c\">jasper: invalid memory write in dec_clnpass (jpc_t1dec.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-5503<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/01\/16\/jasper-invalid-memory-read-in-jpc_undo_roi-jpc_dec-c\">jasper: invalid memory read in jpc_undo_roi (jpc_dec.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-5504<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/01\/16\/jasper-invalid-memory-read-in-jas_matrix_asl-jas_seq-c\">jasper: invalid memory read in jas_matrix_asl (jas_seq.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-5505<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/01\/25\/jasper-null-pointer-dereference-in-jp2_cdef_destroy-jp2_cod-c\">jasper: NULL pointer dereference in jp2_cdef_destroy (jp2_cod.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6850<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/01\/25\/jasper-invalid-memory-read-in-jas_matrix_bindsub-jas_seq-c\">jasper: invalid memory read in jas_matrix_bindsub (jas_seq.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6851<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/01\/25\/jasper-heap-based-buffer-overflow-in-jpc_dec_decodepkt-jpc_t2dec-c\">jasper: heap-based buffer overflow in jpc_dec_decodepkt (jpc_t2dec.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6852<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/01\/29\/mp3splt-null-pointer-dereference-in-main-mp3splt-c\">mp3splt: NULL pointer dereference in main (mp3splt.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/01\/29\/mp3splt-invalid-free-in-free_options-options_manager-c\">mp3splt: invalid free in free_options (options_manager.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-5666<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/01\/29\/mp3splt-null-pointer-dereference-in-splt_cue_export_to_file-cue-c\">libmp3splt: NULL pointer dereference in splt_cue_export_to_file (cue.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-5665<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/01\/mp3splt-null-pointer-dereference-in-free_options-options_manager-c\">mp3splt: NULL pointer dereference in free_options (options_manager.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-5851<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/01\/pax-utils-scanelf-out-of-bounds-read-in-scanelf_file_textrel-scanelf-c\">pax-utils: scanelf: out of bounds read in scanelf_file_textrel (scanelf.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/01\/pax-utils-scanelf-out-of-bounds-read-in-scanelf_file_get_symtabs-scanelf-c\/\">pax-utils: scanelf: out of bounds read in scanelf_file_get_symtabs (scanelf.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/01\/podofo-null-pointer-dereference-in-pdfinfoguessformat-pdfinfo-cpp\">podofo: NULL pointer dereference in PdfInfo::GuessFormat (pdfinfo.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/01\/podofo-null-pointer-dereference-in-podofopdfparserreadxrefsubsection-pdfparser-cpp\">podofo: NULL pointer dereference in PoDoFo::PdfParser::ReadXRefSubsection (PdfParser.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-5855<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/01\/podofo-null-pointer-dereference-in-pdfoutputstream-cpp\">podofo: NULL pointer dereference in PdfOutputStream.cpp<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-5854<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/01\/podofo-signed-integer-overflow-in-pdfparser-cpp\">podofo: signed integer overflow in PdfParser.cpp<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-5853<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/01\/podofo-infinite-loop-in-podofopdfpagegetinheritedkeyfromobject-pdfpage-cpp\">podofo: infinite loop in PoDoFo::PdfPage::GetInheritedKeyFromObject (PdfPage.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-5852<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/03\/podofo-heap-based-buffer-overflow-in-podofopdftokenizergetnexttoken-pdftokenizer-cpp\">podofo: heap-based buffer overflow in PoDoFo::PdfTokenizer::GetNextToken (PdfTokenizer.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-5886<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/03\/pax-utils-dumpelf-multiple-divide-by-zero-in-dumpelf-c\">pax-utils: dumpelf: multiple divide-by-zero in dumpelf.c<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/04\/pax-utils-dumpelf-two-invalid-memory-read-in-dumpelf-c\">pax-utils: dumpelf: two invalid memory read in dumpelf.c<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/04\/pax-utils-dumpelf-out-of-bounds-read-in-dump_notes-dumpelf-c\">pax-utils: dumpelf: out of bounds read in dump_notes (dumpelf.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/09\/zziplib-heap-based-buffer-overflow-in-__zzip_get32-fetch-c\">zziplib: heap-based buffer overflow in __zzip_get32 (fetch.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-5974<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/09\/zziplib-heap-based-buffer-overflow-in-__zzip_get64-fetch-c\">zziplib: heap-based buffer overflow in __zzip_get64 (fetch.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-5975<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/09\/zziplib-heap-based-buffer-overflow-in-zzip_mem_entry_extra_block-memdisk-c\">zziplib: heap-based buffer overflow in zzip_mem_entry_extra_block (memdisk.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-5976<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/09\/zziplib-invalid-memory-read-in-zzip_mem_entry_extra_block-memdisk-c\">zziplib: invalid memory read in zzip_mem_entry_extra_block (memdisk.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-5977<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/09\/zziplib-null-pointer-dereference-in-main-unzzipcat-mem-c\">zziplib: NULL pointer dereference in main (unzzipcat-mem.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/09\/zziplib-out-of-bounds-read-in-zzip_mem_entry_new-memdisk-c\">zziplib: out of bounds read in zzip_mem_entry_new (memdisk.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-5978<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/09\/zziplib-null-pointer-dereference-in-prescan_entry-fseeko-c\">zziplib: NULL pointer dereference in prescan_entry (fseeko.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-5979<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/09\/zziplib-null-pointer-dereference-in-zzip_mem_entry_new-memdisk-c\">zziplib: NULL pointer dereference in zzip_mem_entry_new (memdisk.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-5980<\/td>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/09\/zziplib-null-pointer-dereference-in-main-unzzipcat-c\">zziplib: NULL pointer dereference in main (unzzipcat.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/09\/zziplib-load-of-misaligned-address-in-memdisk-c\">zziplib: load of misaligned address in memdisk.c<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/09\/zziplib-assertion-failure-in-seeko-c\">zziplib: assertion failure in seeko.c<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-5981<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/09\/mupdf-use-after-free-in-fz_subsample_pixmap-pixmap-c\">mupdf: use-after-free in fz_subsample_pixmap (pixmap.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7264<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/17\/mupdf-mujstest-stack-based-buffer-overflow-in-main-jstest_main-c\">mupdf: mujstest: stack-based buffer overflow in main (jstest_main.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6060<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/20\/audiofile-heap-based-buffer-overflow-in-msadpcminitializecoefficients-msadpcm-cpp\">audiofile: heap-based buffer overflow in MSADPCM::initializeCoefficients (MSADPCM.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6827<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/20\/audiofile-heap-based-buffer-overflow-in-readvalue-filehandle-cpp\">audiofile: heap-based buffer overflow in readValue (FileHandle.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6828<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/20\/audiofile-global-buffer-overflow-in-decodesample-ima-cpp\">audiofile: global buffer overflow in decodeSample (IMA.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6829<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/20\/audiofile-heap-based-buffer-overflow-in-alaw2linear_buf-g711-cpp\">audiofile: heap-based buffer overflow in alaw2linear_buf (G711.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6830<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/20\/audiofile-heap-based-buffer-overflow-in-imadecodeblockwave-ima-cpp\">audiofile: heap-based buffer overflow in IMA::decodeBlockWAVE (IMA.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6831<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/20\/audiofile-heap-based-buffer-overflow-in-msadpcmdecodeblock-msadpcm-cpp\">audiofile: heap-based buffer overflow in MSADPCM::decodeBlock (MSADPCM.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6832<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/20\/audiofile-divide-by-zero-in-blockcodecrunpull-blockcodec-cpp\">audiofile: divide-by-zero in BlockCodec::runPull (BlockCodec.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6833<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/20\/audiofile-heap-based-buffer-overflow-in-ulaw2linear_buf-g711-cpp\">audiofile: heap-based buffer overflow in ulaw2linear_buf (G711.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6834<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/20\/audiofile-divide-by-zero-in-blockcodecreset1-blockcodec-cpp\">audiofile: divide-by-zero in BlockCodec::reset1 (BlockCodec.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6835<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/20\/audiofile-heap-based-buffer-overflow-in-expand3to4modulerun-simplemodule-h\">audiofile: heap-based buffer overflow in Expand3To4Module::run (SimpleModule.h)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6836<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/20\/audiofile-multiple-ubsan-crashes\">audiofile: multiple ubsan crashes<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6837<br \/>\nCVE-2017-6838<br \/>\nCVE-2017-6839<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/21\/gnu-paxutils-multiple-crashes\">gnu-paxutils: multiple crashes<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/02\/25\/pax-utils-scanelf-out-of-bounds-read-in-scanelf_file_get_symtabs-scanelf-c-2\">pax-utils: scanelf: out of bounds read in scanelf_file_get_symtabs (scanelf.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/02\/podofo-invalid-memory-read-in-colorchangergetcolorfromstack-colorchanger-cpp\">podofo: invalid memory read in ColorChanger::GetColorFromStack (colorchanger.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6840<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/02\/podofo-null-pointer-dereference-in-graphicsstacktgraphicsstackelementtgraphicsstackelement-graphicsstack-h\">podofo: NULL pointer dereference in GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement (graphicsstack.h)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6841<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/02\/podofo-null-pointer-dereference-in-colorchangergetcolorfromstack-colorchanger-cpp\">podofo: NULL pointer dereference in ColorChanger::GetColorFromStack (colorchanger.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6842<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/02\/podofo-heap-based-buffer-overflow-in-podofopdfvariantdelayedload-pdfvariant-h\">podofo: heap-based buffer overflow in PoDoFo::PdfVariant::DelayedLoad (PdfVariant.h)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6843<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/02\/podofo-global-buffer-overflow-in-podofopdfparserreadxrefsubsection-pdfparser-cpp\">podofo: global buffer overflow in PoDoFo::PdfParser::ReadXRefSubsection (PdfParser.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6844<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/02\/podofo-null-pointer-dereference-in-podofopdfcoloroperator-pdfcolor-cpp\">podofo: NULL pointer dereference in PoDoFo::PdfColor::operator= (PdfColor.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6845<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/02\/podofo-null-pointer-dereference-in-graphicsstacktgraphicsstackelementsetnonstrokingcolorspace-graphicsstack-h\">podofo: NULL pointer dereference in GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace (graphicsstack.h)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6846<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/02\/podofo-null-pointer-dereference-in-podofopdfvariantdelayedload-pdfvariant-h\">podofo: NULL pointer dereference in PoDoFo::PdfVariant::DelayedLoad (PdfVariant.h)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6847<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/02\/podofo-null-pointer-dereference-in-podofopdfxobjectpdfxobject-pdfxobject-cpp\">podofo: NULL pointer dereference in PoDoFo::PdfXObject::PdfXObject (PdfXObject.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6848<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/02\/podofo-null-pointer-dereference-in-podofopdfcolorgraypdfcolorgray-pdfcolor-cpp\">podofo: NULL pointer dereference in PoDoFo::PdfColorGray::~PdfColorGray (PdfColor.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-6849<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/03\/potrace-heap-based-buffer-overflow-in-bm_readbody_bmp-bitmap_io-c-incomplete-fix-for-cve-2016-8698\">potrace: heap-based buffer overflow in bm_readbody_bmp (bitmap_io.c) (incomplete fix for CVE-2016-8698)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7263<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/14\/libpcre-invalid-memory-read-in-phar-pcretest-c\">libpcre: invalid memory read in phar (pcretest.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/14\/libpcre-null-pointer-dereference-in-main-pcretest-c\">libpcre: NULL pointer dereference in main (pcretest.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/14\/libpcre-invalid-memory-read-in-match-pcre_exec-c\">libpcre: invalid memory read in match (pcre_exec.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7186<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/20\/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c\">libpcre: two stack-based buffer overflow write in pcre32_copy_substring (pcre_get.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7245<br \/>\nCVE-2017-7246<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/20\/libpcre-heap-based-bufffer-overflow-in-regexflip8_or_16-pcretest-c\">libpcre: heap-based bufffer overflow in regexflip8_or_16 (pcretest.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/20\/libpcre-invalid-memory-read-in-_pcre32_xclass-pcre_xclass-c\">libpcre: invalid memory read in _pcre32_xclass (pcre_xclass.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7244<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/27\/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866\">imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862 and CVE-2016-8866)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7275<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/31\/podofo-heap-based-buffer-overflow-in-podofopdfpainterexpandtabs-pdfpainter-cpp\">podofo: heap-based buffer overflow in PoDoFo::PdfPainter::ExpandTabs (PdfPainter.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7378<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/31\/podofo-heap-based-buffer-overflow-in-podofopdfsimpleencodingconverttoencoding-pdfencoding-cpp\">podofo: heap-based buffer overflow in PoDoFo::PdfSimpleEncoding::ConvertToEncoding (PdfEncoding.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7379<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/03\/31\/podofo-four-null-pointer-dereference\">podofo: four null pointer dereference<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7380<br \/>\nCVE-2017-7381<br \/>\nCVE-2017-7382<br \/>\nCVE-2017-7383<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/01\/libtiff-divide-by-zero-in-jpegsetupencode-tiff_jpeg-c\">libtiff: divide-by-zero in JPEGSetupEncode (tiff_jpeg.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7595<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/01\/libtiff-multiple-ubsan-crashes\">libtiff: multiple UBSAN crashes<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">2017-7596<br \/>\n2017-7597<br \/>\n2017-7598<br \/>\n2017-7599<br \/>\n2017-7600<br \/>\n2017-7601<br \/>\n2017-7602<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/01\/libaacplus-signed-integer-overflow-left-shift-and-assertion-failure\">libaacplus: signed integer overflow, left shift and assertion failure<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7603<br \/>\nCVE-2017-7604<br \/>\nCVE-2017-7605<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/02\/imagemagick-undefined-behavior-in-codersrle-c\">imagemagick: undefined behavior in coders\/rle.c<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7606<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/03\/elfutils-heap-based-buffer-overflow-in-handle_gnu_hash-readelf-c\">elfutils: heap-based buffer overflow in handle_gnu_hash (readelf.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7607<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/03\/elfutils-heap-based-buffer-overflow-in-ebl_object_note_type_name-eblobjnotetypename-c\">elfutils: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7608<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/03\/elfutils-memory-allocation-failure-in-__libelf_decompress-elf_compress-c\">elfutils: memory allocation failure in __libelf_decompress (elf_compress.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7609<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/03\/elfutils-heap-based-buffer-overflow-in-check_group-elflint-c\">elfutils: heap-based buffer overflow in check_group (elflint.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7610<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/03\/elfutils-heap-based-buffer-overflow-in-check_symtab_shndx-elflint-c\">elfutils: heap-based buffer overflow in check_symtab_shndx (elflint.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7611<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/03\/elfutils-heap-based-buffer-overflow-in-check_sysv_hash-elflint-c\">elfutils: heap-based buffer overflow in check_sysv_hash (elflint.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7612<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/03\/elfutils-memory-allocation-failure-in-xcalloc-xmalloc-c\">elfutils: memory allocation failure in xcalloc (xmalloc.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7613<\/td>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/05\/binutils-two-null-pointer-dereference-in-elflink-c\">binutils: two NULL pointer dereference in elflink.c<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7614<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/11\/libsamplerate-global-buffer-overflow-in-calc_output_single-src_sinc-c\">libsamplerate: global buffer overflow in calc_output_single (src_sinc.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7697<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/11\/libsndfile-invalid-memory-read-and-invalid-memory-write-in\">libsndfile: invalid memory READ and invalid memory WRITE in flac_buffer_copy (flac.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7741<br \/>\nCVE-2017-7742<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/17\/libcroco-heap-overflow-and-undefined-behavior\">libcroco: heap overflow and undefined behavior<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7960<br \/>\nCVE-2017-7961<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/17\/imageworsener-divide-by-zero-in-iwgif_record_pixel-imagew-gif-c\">imageworsener: divide-by-zero in iwgif_record_pixel (imagew-gif.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-7962<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/27\/imageworsener-memory-allocation-failure-in-my_mallocfn-imagew-cmd-c\">imageworsener: memory allocation failure in my_mallocfn (imagew-cmd.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-8327<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/27\/imageworsener-two-left-shift\">imageworsener: two left shift<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-8326<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/27\/imageworsener-heap-based-buffer-overflow-in-iw_process_cols_to_intermediate-imagew-main-c\">imageworsener: heap-based buffer overflow in iw_process_cols_to_intermediate (imagew-main.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-8325<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/29\/libsndfile-invalid-memory-read-in-flac_buffer_copy-flac-c\">libsndfile: invalid memory read in flac_buffer_copy (flac.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-8362<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/29\/libsndfile-global-buffer-overflow-in-flac_buffer_copy-flac-c\">libsndfile: global buffer overflow in flac_buffer_copy (flac.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-8361<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/29\/libsndfile-heap-based-buffer-overflow-in-flac_buffer_copy-flac-c\">libsndfile: heap-based buffer overflow in flac_buffer_copy (flac.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-8363<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/29\/libsndfile-global-buffer-overflow-in-i2les_array-pcm-c\">libsndfile: global buffer overflow in i2les_array (pcm.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-8365<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/29\/libpcre-heap-based-buffer-overflow-write-in-pcre2test-c\">libpcre: heap-based buffer overflow write in pcre2test.c<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-8786<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/29\/ettercap-etterfilter-heap-based-buffer-overflow-write\">ettercap: etterfilter: heap-based buffer overflow write<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-8366<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/29\/rzip-heap-based-buffer-overflow-in-read_buf-stream-c\">rzip: heap-based buffer overflow in read_buf (stream.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-8364<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/30\/libmad-heap-based-buffer-overflow-in-mad_bit_skip-bit-c\">libmad: heap-based buffer overflow in mad_bit_skip (bit.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-8374<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/30\/libmad-heap-based-buffer-overflow-in-mad_layer_iii-layer3-c\">libmad: heap-based buffer overflow in mad_layer_III (layer3.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-8373<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/04\/30\/libmad-assertion-failure-in-layer3-c\">libmad: assertion failure in layer3.c<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-8372<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/05\/01\/telegram-desktop-insecure-permission-of-home-telegramdesktop-directory\">telegram-desktop: insecure permission of $HOME\/.TelegramDesktop directory<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-10351<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/05\/01\/libarchive-two-heap-based-buffer-overflow-read\">libarchive: two heap-based buffer overflow read<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2016-10349<br \/>\nCVE-2016-10350<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/05\/07\/lrzip-divide-by-zero-in-bufreadget-libzpaq-h\">lrzip: divide-by-zero in bufRead::get (libzpaq.h)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-8842<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/05\/07\/lrzip-null-pointer-dereference-in-bufreadget-libzpaq-h\">lrzip: NULL pointer dereference in bufRead::get (libzpaq.h)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-8847<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/05\/07\/lrzip-null-pointer-dereference-in-join_pthread-stream-c\">lrzip: NULL pointer dereference in join_pthread (stream.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-8843<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/05\/07\/lrzip-invalid-memory-read-in-lzo_decompress_buf-stream-c\">lrzip: invalid memory read in lzo_decompress_buf (stream.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-8845<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/05\/07\/lrzip-heap-based-buffer-overflow-write-in-read_1g-stream-c\">lrzip: heap-based buffer overflow write in read_1g (stream.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-8844<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/05\/07\/lrzip-use-after-free-in-read_stream-stream-c\">lrzip: use-after-free in read_stream (stream.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-8846<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/05\/12\/binutils-multiple-crashes\">binutils: multiple crashes<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-9038<br \/>\nCVE-2017-9039<br \/>\nCVE-2017-9040<br \/>\nCVE-2017-9041<br \/>\nCVE-2017-9042<br \/>\nCVE-2017-9043<br \/>\nCVE-2017-9044<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/05\/20\/autotrace-multiple-vulnerabilities-the-autotrace-nightmare\">autotrace: multiple vulnerabilities (The autotrace nightmare)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-9151<br \/>\nCVE-2017-9152<br \/>\nCVE-2017-9153<br \/>\nCVE-2017-9154<br \/>\nCVE-2017-9155<br \/>\nCVE-2017-9156<br \/>\nCVE-2017-9157<br \/>\nCVE-2017-9158<br \/>\nCVE-2017-9159<br \/>\nCVE-2017-9160<br \/>\nCVE-2017-9161<br \/>\nCVE-2017-9162<br \/>\nCVE-2017-9163<br \/>\nCVE-2017-9164<br \/>\nCVE-2017-9165<br \/>\nCVE-2017-9166<br \/>\nCVE-2017-9167<br \/>\nCVE-2017-9168<br \/>\nCVE-2017-9169<br \/>\nCVE-2017-9170<br \/>\nCVE-2017-9171<br \/>\nCVE-2017-9172<br \/>\nCVE-2017-9173<br \/>\nCVE-2017-9174<br \/>\nCVE-2017-9175<br \/>\nCVE-2017-9176<br \/>\nCVE-2017-9177<br \/>\nCVE-2017-9178<br \/>\nCVE-2017-9179<br \/>\nCVE-2017-9180<br \/>\nCVE-2017-9181<br \/>\nCVE-2017-9182<br \/>\nCVE-2017-9183<br \/>\nCVE-2017-9184<br \/>\nCVE-2017-9185<br \/>\nCVE-2017-9186<br \/>\nCVE-2017-9187<br \/>\nCVE-2017-9188<br \/>\nCVE-2017-9189<br \/>\nCVE-2017-9190<br \/>\nCVE-2017-9191<br \/>\nCVE-2017-9192<br \/>\nCVE-2017-9193<br \/>\nCVE-2017-9194<br \/>\nCVE-2017-9195<br \/>\nCVE-2017-9196<br \/>\nCVE-2017-9197<br \/>\nCVE-2017-9198<br \/>\nCVE-2017-9199<br \/>\nCVE-2017-9200<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/05\/20\/imageworsener-multiple-vulnerabilities\">imageworsener: multiple vulnerabilities<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-9201<br \/>\nCVE-2017-9202<br \/>\nCVE-2017-9203<br \/>\nCVE-2017-9204<br \/>\nCVE-2017-9205<br \/>\nCVE-2017-9206<br \/>\nCVE-2017-9207<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/05\/21\/qpdf-three-infinite-loop-in-libqpdf\">qpdf: three infinite loop in libqpdf<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-9208<br \/>\nCVE-2017-9209<br \/>\nCVE-2017-9210<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/05\/24\/ytnef-heap-based-buffer-overflow-in-printtnef-ytnefprintmain-c\">ytnef: heap-based buffer overflow in PrintTNEF (ytnefprint\/main.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/05\/24\/ytnef-null-pointer-dereference-in-mapiprint-ytnef-c\">ytnef: NULL pointer dereference in MAPIPrint (ytnef.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-9470<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/05\/24\/ytnef-heap-based-buffer-overflow-in-swapword-ytnef-c\">ytnef: heap-based-buffer overflow in SwapWord (ytnef.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-9471<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/05\/24\/ytnef-heap-based-buffer-overflow-in-swapdword-ytnef-c\">ytnef: heap-based buffer overflow in SwapDWord (ytnef.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-9472<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/05\/24\/ytnef-memory-allocation-failure-in-tneffillmapi-ytnef-c\">ytnef: memory allocation failure in TNEFFillMapi (ytnef.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-9473<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/05\/24\/ytnef-heap-based-buffer-overflow-in-decompressrtf-ytnef-c\">ytnef: heap-based buffer overflow in DecompressRTF (ytnef.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-9474<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/06\/17\/lame-divide-by-zero-in-parse_wave_header-get_audio-c\">lame: divide-by-zero in parse_wave_header (get_audio.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/06\/17\/lame-global-buffer-overflow-in-ii_step_one-layer2-c\">lame: global-buffer-overflow in II_step_one (layer2.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-9869<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/06\/17\/lame-global-buffer-overflow-in-iii_i_stereo-layer3-c\">lame: global-buffer-overflow in III_i_stereo (layer3.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-9870<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/06\/17\/lame-heap-based-buffer-overflow-in-fill_buffer_resample-util-c\">lame: heap-based buffer overflow in fill_buffer_resample (util.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2015-9101<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/06\/17\/lame-stack-based-buffer-overflow-in-iii_i_stereo-layer3-c\">lame: stack-based buffer overflow in III_i_stereo (layer3.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-9871<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/06\/17\/lame-stack-based-buffer-overflow-in-iii_dequantize_sample-layer3-c\">lame: stack-based buffer overflow in III_dequantize_sample (layer3.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-9872<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/06\/17\/lame-multiple-left-shift\">lame: multiple left shift<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/06\/17\/lame-two-ubsan-crashes\">lame: two UBSAN crashes<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/06\/28\/xar-null-pointer-dereference-in-xar_unserialize-archive-c\">xar: NULL pointer dereference in xar_unserialize (archive.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-11124<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/06\/28\/xar-null-pointer-dereference-in-xar_get_path-util-c\">xar: NULL pointer dereference in xar_get_path (util.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-11125<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/07\/03\/mpg123-global-buffer-overflow-in-iii_i_stereo-layer3-c\">mpg123: global buffer overflow in III_i_stereo (layer3.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-11126<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/07\/12\/graphicsmagick-use-after-free-in-closeblob-blob-c\">graphicsmagick: use-after-free in CloseBlob (blob.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-11403<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/08\/05\/graphicsmagick-use-after-free-in-readwmfimage-wmf-c\">graphicsmagick: use-after-free in ReadWMFImage (wmf.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-12936<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/08\/05\/graphicsmagick-invalid-memory-read-in-setimagecolorcallback-image-c\">graphicsmagick: invalid memory read in SetImageColorCallBack (image.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-12935<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/08\/05\/graphicsmagick-heap-based-buffer-overflow-in-readsunimage-sun-c\">graphicsmagick: heap-based buffer overflow in ReadSUNImage (sun.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-12937<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/08\/09\/libfpx-double-free-in-dffromlb-docfile-cxx\">libfpx: double-free in DfFromLB (docfile.cxx)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-12925<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/08\/09\/libfpx-heap-based-buffer-overflow-in-olestreamwritevt_lpstr-olestrm-cpp\">libfpx: heap-based buffer overflow in OLEStream::WriteVT_LPSTR (olestrm.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-12919<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/08\/09\/libfpx-null-pointer-dereference-in-cdirectorygetdirentry-dir-cxx\">libfpx: NULL pointer dereference in CDirectory::GetDirEntry (dir.cxx)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-12920<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/08\/09\/libfpx-null-pointer-dereference-in-wchar-c\">libfpx: NULL pointer dereference in wchar.c<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-12922<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/08\/09\/libfpx-null-pointer-dereference-in-pfileflashpixviewgetglobalinfoproperty-f_fpxvw-cpp\">libfpx: NULL pointer dereference in PFileFlashPixView::GetGlobalInfoProperty (f_fpxvw.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-12921<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/08\/09\/libfpx-null-pointer-dereference-in-olestreamwritevt_lpstr-olestrm-cpp\">libfpx: NULL pointer dereference in OLEStream::WriteVT_LPSTR (olestrm.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-12923<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/08\/09\/libfpx-divide-by-zero-in-cdirvectorgettable-dirfunc-hxx\">libfpx: divide-by-zero in CDirVector::GetTable (dirfunc.hxx)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-12924<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/08\/10\/imagemagick-use-after-free-in-destroyimage-image-c\">imagemagick: use-after-free in DestroyImage (image.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-12877<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/08\/10\/imagemagick-heap-based-buffer-overflow-in-omp_outlined-32-enhance-c\">imagemagick: heap-based buffer overflow in .omp_outlined..32 (enhance.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-12876<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/08\/14\/openjpeg-memory-allocation-failure-in-opj_aligned_alloc_n-opj_malloc-c\">openjpeg: memory allocation failure in opj_aligned_alloc_n (opj_malloc.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-12982<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/08\/16\/openjpeg-heap-based-buffer-overflow-in-opj_mqc_flush-mqc-c\">openjpeg: heap-based buffer overflow in opj_mqc_flush (mqc.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14151<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/08\/16\/openjpeg-heap-based-buffer-overflow-in-opj_write_bytes_le-cio-c\">openjpeg: heap-based buffer overflow in opj_write_bytes_LE (cio.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14152<\/td>\n<\/tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/08\/28\/openjpeg-heap-based-buffer-overflow-in-opj_t2_encode_packet-t2-c\">openjpeg: heap-based buffer overflow in opj_t2_encode_packet (t2.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14039<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/08\/28\/openjpeg-invalid-memory-write-in-tgatoimage-convert-c\">openjpeg: invalid memory write in tgatoimage (convert.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14040<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/08\/28\/openjpeg-stack-based-buffer-overflow-write-in-pgxtoimage-convert-c\">openjpeg: stack-based buffer overflow write in pgxtoimage (convert.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14041<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/08\/28\/graphicsmagick-memory-allocation-failure-in-magickrealloc-memory-c-2\">graphicsmagick: memory allocation failure in MagickRealloc (memory.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14042<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/01\/graphicsmagick-use-after-free-in-closeblob-blob-c-incomplete-fix-for-cve-2017-11403\">graphicsmagick: use-after-free in CloseBlob (blob.c) (INCOMPLETE FIX FOR CVE-2017-11403)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14103<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/01\/libzip-memory-allocation-failure-in-_zip_cdir_grow-zip_dirent-c\">libzip: memory allocation failure in _zip_cdir_grow (zip_dirent.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14107<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/01\/libzip-use-after-free-in-_zip_buffer_free-zip_buffer-c\">libzip: use-after-free in _zip_buffer_free (zip_buffer.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-12858<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/06\/heap-based-buffer-overflow-in-opj_write_bytes_le-cio-c-incomplete-fix-for-cve-2017-14152\">openjpeg: heap-based buffer overflow in opj_write_bytes_LE (cio.c) (INCOMPLETE FIX FOR CVE-2017-14152)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14164<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/06\/graphicsmagick-memory-allocation-failure-in-magickmalloc-memory-c-2\">graphicsmagick: memory allocation failure in MagickMalloc (memory.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14165<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/06\/libarchive-heap-based-buffer-overflow-in-xml_data-archive_read_support_format_xar-c\">libarchive: heap-based buffer overflow in xml_data (archive_read_support_format_xar.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14166<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/07\/aacplusenc-null-pointer-dereference-in-deletebitbuffer-bitbuffer-c\">aacplusenc: NULL pointer dereference in DeleteBitBuffer (bitbuffer.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14181<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/08\/mp3gain-stack-based-buffer-overflow-in-filteryule-gain_analysis-c\">mp3gain: stack-based buffer overflow in filterYule (gain_analysis.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14407<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/08\/mp3gain-null-pointer-dereference-in-sync_buffer-mpglibdblinterface-c\">mp3gain: NULL pointer dereference in sync_buffer (mpglibDBL\/interface.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14406<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/08\/mp3gain-stack-based-buffer-overflow-in-copy_mp-mpglibdblinterface-c\">mp3gain: stack-based buffer overflow in copy_mp (mpglibDBL\/interface.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14411<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/08\/mp3gain-memcpy-param-overlap-in-set_pointer-mpglibdblcommon-c\">mp3gain: memcpy-param-overlap in set_pointer (mpglibDBL\/common.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/08\/mp3gain-global-buffer-overflow-in-iii_dequantize_sample-mpglibdbllayer3-c\">mp3gain: global buffer overflow in III_dequantize_sample (mpglibDBL\/layer3.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14409<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/08\/mp3gain-stack-based-buffer-overflow-in-dct36-mpglibdbllayer3-c\">mp3gain: stack-based buffer overflow in dct36 (mpglibDBL\/layer3.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14408<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/08\/mp3gain-invalid-memory-write-in-copy_mp-mpglibdblinterface-c\">mp3gain: invalid memory write in copy_mp (mpglibDBL\/interface.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14412<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/08\/mp3gain-global-buffer-overflow-in-iii_i_stereo-mpglibdbllayer3-c\">mp3gain: global buffer overflow in III_i_stereo (mpglibDBL\/layer3.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14410<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/14\/bento4-heap-based-buffer-overflow-in-ap4_bitstreamreadbytes-ap4bitstream-cpp\">bento4: heap-based buffer overflow in AP4_BitStream::ReadBytes (Ap4BitStream.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14645<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/14\/bento4-null-pointer-dereference-in-ap4_atomsettype-ap4atom-h\">bento4: NULL pointer dereference in AP4_Atom::SetType (Ap4Atom.h)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14638<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/14\/bento4-null-pointer-dereference-in-ap4_atomsampletablegetsample-ap4atomsampletable-cpp\">bento4: NULL pointer dereference in AP4_AtomSampleTable::GetSample (Ap4AtomSampleTable.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14640<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/14\/bento4-null-pointer-dereference-in-ap4_dataatomap4_dataatom-ap4metadata-cpp\">bento4: NULL pointer dereference in AP4_DataAtom::~AP4_DataAtom (Ap4MetaData.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14641<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/14\/bento4-null-pointer-dereference-in-ap4_stdcfilebytestreamreadpartial-ap4stdcfilebytestream-cpp\">bento4: NULL pointer dereference in AP4_StdcFileByteStream::ReadPartial (Ap4StdCFileByteStream.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14642<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/14\/bento4-heap-based-buffer-overflow-in-ap4_hdlratomap4_hdlratom-ap4hdlratom-cpp\">bento4: heap-based buffer overflow in AP4_HdlrAtom::AP4_HdlrAtom (Ap4HdlrAtom.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14644<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/14\/bento4-heap-based-buffer-overflow-in-ap4_bytestouint32be-ap4utils-h\">bento4: heap-based buffer overflow in AP4_BytesToUInt32BE (Ap4Utils.h)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14643<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/14\/bento4-heap-based-buffer-overflow-in-ap4_databuffersetdata-ap4databuffer-cpp\">bento4: heap-based buffer overflow in AP4_DataBuffer::SetData (Ap4DataBuffer.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14646<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/14\/bento4-stack-based-buffer-overflow-in-ap4_visualsampleentryreadfields-ap4sampleentry-cpp\">bento4: stack-based buffer overflow in AP4_VisualSampleEntry::ReadFields (Ap4SampleEntry.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14647<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/14\/bento4-stack-based-buffer-underflow-in-ap4_visualsampleentryreadfields-ap4sampleentry-cpp\">bento4: stack-based buffer underflow in AP4_VisualSampleEntry::ReadFields (Ap4SampleEntry.cpp)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14639<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/19\/bladeenc-global-buffer-overflow-in-iteration_loop-loop-c\">bladeenc: global buffer overflow in iteration_loop (loop.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14648<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/19\/graphicsmagick-assertion-failure-in-pixel_cache-c\">graphicsmagick: assertion failure in pixel_cache.c<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14649<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/25\/binutils-heap-based-buffer-overflow-in-_bfd_x86_elf_get_synthetic_symtab-elfxx-x86-c\">binutils: heap-based buffer overflow in _bfd_x86_elf_get_synthetic_symtab (elfxx-x86.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14729<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/26\/binutils-memory-allocation-failure-in-_bfd_elf_slurp_version_tables-elf-c\">binutils: memory allocation failure in _bfd_elf_slurp_version_tables (elf.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14938<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/26\/binutils-null-pointer-dereference-in-scan_unit_for_symbols-dwarf2-c\">binutils: NULL pointer dereference in scan_unit_for_symbols (dwarf2.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14940<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/09\/26\/binutils-heap-based-buffer-overflow-in-read_1_byte-dwarf2-c\">binutils: heap-based buffer overflow in read_1_byte (dwarf2.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-14939<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/10\/03\/binutils-infinite-loop-in-find_abstract_instance_name-dwarf2-c\">binutils: infinite loop in find_abstract_instance_name (dwarf2.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-15024<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/10\/03\/binutils-divide-by-zero-in-decode_line_info-dwarf2-c\">binutils: divide-by-zero in decode_line_info (dwarf2.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-15025<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/10\/03\/binutils-heap-based-buffer-overflow-in-bfd_getl32-opncls-c\">binutils: heap-based buffer overflow in bfd_getl32 (opncls.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-15021<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/10\/03\/binutils-null-pointer-dereference-in-concat_filename-dwarf2-c\">binutils: NULL pointer dereference in concat_filename (dwarf2.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-15023<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/10\/03\/binutils-null-pointer-dereference-in-bfd_hash_hash-hash-c\">binutils: NULL pointer dereference in bfd_hash_hash (hash.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-15022<\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2017\/10\/03\/binutils-heap-based-buffer-overflow-in-parse_die-dwarf1-c\">binutils: heap-based buffer overflow in parse_die (dwarf1.c)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2017-15020<\/td>\n<\/tr>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2020\/04\/16\/why-i-stopped-fuzzing-research\">Why I stopped fuzzing research<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\"><\/td>\n<\/tr>\n<tr>\n<td style=\"border: 1px solid black;text-align: center\"><a href=\"https:\/\/blogs.gentoo.org\/ago\/2020\/04\/19\/re2c-heap-overflow-in-scannerfill-scanner-cc\">re2c: heap overflow in Scanner::fill (scanner.cc)<\/a><\/td>\n<td style=\"border: 1px solid black;text-align: center\">CVE-2020-11958<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>All advisories are also grouped under the tag <a href=\"https:\/\/blogs.gentoo.org\/ago\/category\/advisories\/\">advisories<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Below, a table which summarizes: &#8211; Vulnerabilities found by me; &#8211; Bugs spotted by ASan\/fuzzers\/$other_tools that are not security relevant. Summary CVE libav: divide-by-zero in ff_h263_decode_mba(ituh263dec.c) CVE-2015-5479 portage-utils: heap-based buffer overflow in show_sync_history (qlop.c) portage-utils: stack-based buffer overflow in prepare_qfile_args &hellip; <a href=\"https:\/\/blogs.gentoo.org\/ago\/advisories\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":140,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"open","ping_status":"open","template":"","meta":{"spay_email":""},"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/P2EaBc-4k","_links":{"self":[{"href":"https:\/\/blogs.gentoo.org\/ago\/wp-json\/wp\/v2\/pages\/268"}],"collection":[{"href":"https:\/\/blogs.gentoo.org\/ago\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/blogs.gentoo.org\/ago\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.gentoo.org\/ago\/wp-json\/wp\/v2\/users\/140"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.gentoo.org\/ago\/wp-json\/wp\/v2\/comments?post=268"}],"version-history":[{"count":130,"href":"https:\/\/blogs.gentoo.org\/ago\/wp-json\/wp\/v2\/pages\/268\/revisions"}],"predecessor-version":[{"id":2468,"href":"https:\/\/blogs.gentoo.org\/ago\/wp-json\/wp\/v2\/pages\/268\/revisions\/2468"}],"wp:attachment":[{"href":"https:\/\/blogs.gentoo.org\/ago\/wp-json\/wp\/v2\/media?parent=268"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}