CINXE.COM

Gentoo security – Gentoo Linux

<!DOCTYPE html> <html lang="en-US" dir="ltr"> <head> <meta charset="utf-8"> <title>Gentoo security – Gentoo Linux</title> <meta name="theme-color" content="#54487a"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta property="og:title" content="Gentoo security – Gentoo Linux"> <meta property="og:image" content="https://www.gentoo.org/assets/img/og-image.jpg"> <meta property="og:description" content="News and information from Gentoo Linux"> <meta name="twitter:image" content="https://www.gentoo.org/assets/img/logo/gentoo-g.png"> <link rel="apple-touch-icon" href="https://www.gentoo.org/assets/img/logo/icon-192.png"> <link rel="icon" sizes="192x192" href="https://www.gentoo.org/assets/img/logo/icon-192.png"> <link href="https://assets.gentoo.org/tyrian/v1/bootstrap.min.css" rel="stylesheet" media="screen"> <link href="https://assets.gentoo.org/tyrian/v1/tyrian.min.css" rel="stylesheet" media="screen"> <link href="/assets/css/screen.css" rel="stylesheet" media="screen"> <link rel="icon" href="/favicon.ico" type="image/x-icon"> <link rel="search" type="application/opensearchdescription+xml" href="https://www.gentoo.org/search/www-gentoo-org.xml" title="Gentoo Website"> <link rel="search" type="application/opensearchdescription+xml" href="https://www.gentoo.org/search/forums-gentoo-org.xml" title="Gentoo Forums"> <link rel="search" type="application/opensearchdescription+xml" href="https://www.gentoo.org/search/bugs-gentoo-org.xml" title="Gentoo Bugzilla"> <link rel="search" type="application/opensearchdescription+xml" href="https://www.gentoo.org/search/packages-gentoo-org.xml" title="Gentoo Packages"> <link rel="search" type="application/opensearchdescription+xml" href="https://www.gentoo.org/search/archives-gentoo-org.xml" title="Gentoo List Archives"> </head> <body class="nav-align-h2"> <header> <div class="site-title"> <div class="container"> <div class="row"> <div class="site-title-buttons"> <div class="btn-group btn-group-sm"> <a href="https://get.gentoo.org/" role="button" class="btn get-gentoo"><span class="fa fa-fw fa-download"></span> <strong>Get Gentoo!</strong></a> <div class="btn-group btn-group-sm"> <a class="btn gentoo-org-sites dropdown-toggle" data-toggle="dropdown" data-target="#" href="#"> <span class="fa fa-fw fa-map-o"></span> <span class="hidden-xs">gentoo.org sites</span> <span class="caret"></span> </a> <ul class="dropdown-menu dropdown-menu-right"> <li><a href="https://www.gentoo.org/" title="Gentoo's main website"><span class="fa fa-home fa-fw"></span> gentoo.org</a></li> <li><a href="https://wiki.gentoo.org/" title="Find and contribute documentation"><span class="fa fa-file-text-o fa-fw"></span> Wiki</a></li> <li><a href="https://bugs.gentoo.org/" title="Discover and report issues with Gentoo"><span class="fa fa-bug fa-fw"></span> Bugs</a></li> <li><a href="https://packages.gentoo.org/" title="Find software to install"><span class="fa fa-hdd-o fa-fw"></span> Packages</a></li> <li><a href="https://forums.gentoo.org/" title="Discuss with the community"><span class="fa fa-comments-o fa-fw"></span> Forums</a></li> <li class="divider"></li> <li><a href="https://planet.gentoo.org/" title="Find out what's going on in the dev community"><span class="fa fa-rss fa-fw"></span> Planet</a></li> <li><a href="https://archives.gentoo.org/" title="Read up on past discussions"><span class="fa fa-archive fa-fw"></span> Archives</a></li> <li><a href="https://devmanual.gentoo.org/" title="Read the development guide"><span class="fa fa-book fa-fw"></span> Devmanual</a></li> <li><a href="https://gitweb.gentoo.org/" title="Browse our source code in Gitweb"><span class="fa fa-code fa-fw"></span> Gitweb</a></li> <li class="divider"></li> <li><a href="https://infra-status.gentoo.org/" title="Get updates on the services provided by the Gentoo infra team"><span class="fa fa-server fa-fw"></span> Infra status</a></li> </ul> </div> </div> </div> <div class="logo"> <a href="/" title="Back to the homepage" class="site-logo"> <img src="https://assets.gentoo.org/tyrian/v1/site-logo.png" alt="Gentoo Linux logo" srcset="https://assets.gentoo.org/tyrian/v1/site-logo.svg"> </a> </div> </div> </div> </div> <nav class="tyrian-navbar" role="navigation"> <div class="container"> <div class="row"> <div class="navbar-header"> <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-main-collapse"> <span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> </div> <div class="collapse navbar-collapse navbar-main-collapse"> <ul class="nav navbar-nav"> <li class=""><a href="/">Home</a></li> <li class=""><a href="/get-started/">Get started</a></li> <li class=""><a href="/downloads/">Downloads</a></li> <li class=""><a href="/inside-gentoo/">Inside Gentoo</a></li> <li class="active"><a href="/support/">Support</a></li> <li class=""><a href="/get-involved/">Get involved</a></li> </ul> <ul class="nav navbar-nav navbar-right"> <li class=""><a href="/donate/"><span class="fa fa-heart" style="color:#d9534f;"></span> Donate</a></li> </ul> </div> </div> </div> </nav> <nav class="navbar navbar-grey navbar-stick" role="navigation"> <div class="container"> <div class="row"> <div class="navbar-header"> <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-secondary-collapse"> <span class="sr-only">Toggle secondary navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> </div> <div class="collapse navbar-collapse navbar-secondary-collapse"> <ul class="nav navbar-nav"> <li class=""><a href="/support/consulting/">Consulting</a></li> <li class=""><a href="/support/documentation/">Documentation</a></li> <li class=""><a href="https://packages.gentoo.org/">Package database <span class="fa fa-fw fa-external-link-square external-link" title="This link will leave www.gentoo.org."></span></a></li> <li class=""><a href="/support/news-items/">Repository news items</a></li> <li class="active"><a href="/support/security/">Security</a></li> <li class=""><a href="/support/use-flags/">USE flags</a></li> <li class=""><a href="/support/rsync-mirrors/">rsync mirrors</a></li> </ul> </div> </div> </div> </nav> </header> <div class="container"> <div class="row"> <div id="content" class="col-md-12"> <h1 class="first-header">Gentoo security</h1> <div class="row"> <div class="col-xs-12 col-md-3 col-lg-3"> <ul class="nav nav-pills nav-stacked gentoo-nav"> <li class="active"><a href="/support/security/">Security</a></li> <li class=""><a href="/support/security/vulnerability-treatment-policy.html">Vulnerability Treatment Policy</a></li> <li class=""><a href="/support/security/stay-informed.html">Stay informed</a></li> </ul> </div> <div class="col-xs-12 col-md-9 col-lg-9"> <h2>Security in Gentoo Linux</h2> <p> Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our user's machines is of utmost importance to us. The <a href="https://wiki.gentoo.org/wiki/Project:Security">Security Project</a> is tasked with providing timely information about security vulnerabilities in Gentoo Linux, along with patches to secure those vulnerabilities. We work directly with vendors, end users, and other OSS projects to ensure all security incidents are responded to quickly and professionally. </p> <p> Documentation describing security team vulnerability treatment can be found in our <a href="vulnerability-treatment-policy.html">Vulnerability Treatment Policy</a>. </p> <h3>Installing a secure Gentoo system</h3> <p> The <a href="https://wiki.gentoo.org/wiki/Security_Handbook">Gentoo Security Handbook</a> gives information and tips for building a secure system and hardening existing systems. </p> <h3>Keeping Gentoo secure</h3> <p> Community members who wish to stay up-to-date with the security fixes should subscribe to GLSAs and apply GLSA instructions whenever an affected package is installed. Alternatively, regularly syncing the Gentoo ebuild repository and upgrading every package should also keep the system up-to-date security-wise. </p> <p> The <kbd>glsa-check</kbd> tool can be used to: </p> <ul> <li>Check if a specific GLSA applies to a system (<kbd>-p</kbd> option)</li> <li>List all GLSAs with applied/affected/unaffected status (<kbd>-l</kbd> option)</li> <li>Apply a given GLSA to a system (<kbd>-f</kbd> option).</li> </ul> <h2>Gentoo Linux Security Announcements (GLSAs)</h2> <p> Gentoo Linux Security Announcements are notifications that we send out to the community to inform them of security vulnerabilities related to Gentoo Linux or the packages contained in the <a href="https://gitweb.gentoo.org/repo/gentoo.git">Gentoo ebuild repository</a>. </p> <h3>Recent advisories</h3> <table class="table table-striped"> <tr> <td>GLSA 202502-01</td> <td><a href="https://security.gentoo.org/glsa/202502-01">OpenSSH: Multiple Vulnerabilities</a></td> <td class="text-right"> <span class="label label-warning">normal</span> </td> </tr> <tr> <td>GLSA 202501-11</td> <td><a href="https://security.gentoo.org/glsa/202501-11">PHP: Multiple Vulnerabilities</a></td> <td class="text-right"> <span class="label label-danger">high</span> </td> </tr> <tr> <td>GLSA 202501-10</td> <td><a href="https://security.gentoo.org/glsa/202501-10">Mozilla Firefox: Multiple Vulnerabilities</a></td> <td class="text-right"> <span class="label label-danger">high</span> </td> </tr> <tr> <td>GLSA 202501-09</td> <td><a href="https://security.gentoo.org/glsa/202501-09">QtWebEngine: Multiple Vulnerabilities</a></td> <td class="text-right"> <span class="label label-danger">high</span> </td> </tr> <tr> <td>GLSA 202501-08</td> <td><a href="https://security.gentoo.org/glsa/202501-08">Qt: Buffer Overflow</a></td> <td class="text-right"> <span class="label label-warning">normal</span> </td> </tr> </table> <p> For a full list of all published GLSAs, please see our <a href="https://security.gentoo.org/glsa/">GLSA index page</a>. </p> <h3>How to receive GLSAs</h3> <p> GLSA announcements are sent to the <a href="/get-involved/mailing-lists/">gentoo-announce@gentoo.org mailing-list</a>, and are published via <a href="https://security.gentoo.org/subscribe">RSS and Atom feeds</a>. </p> <h3 id="contact">Security team contact information</h3> <p> Gentoo Linux takes security vulnerability reports very seriously. Please file new vulnerability reports on <a href="https://bugs.gentoo.org">Gentoo Bugzilla</a> and assign them to the <span class="emphasis">Gentoo Security</span> product and <span class="emphasis">Vulnerabilities</span> component. The Gentoo Linux Security Team will ensure all security-related bug reports are responded to in a timely fashion. </p> <p> If errors or omissions are found in published GLSAs, please file a bug in <a href="https://bugs.gentoo.org">Gentoo Bugzilla</a> in the <em>Gentoo Security</em> product, with the <em>GLSA Errors</em> component. </p> <p> <a href="https://bugs.gentoo.org/enter_bug.cgi?product=Gentoo%20Security&amp;component=Vulnerabilities" class="btn btn-primary btn-sm"><span class="fa fa-fw fa-bug"></span> Report security vulnerability</a> <a href="https://bugs.gentoo.org/enter_bug.cgi?product=Gentoo%20Security&amp;component=GLSA%20Errors" class="btn btn-primary btn-sm"><span class="fa fa-fw fa-bug"></span> Report GLSA error</a> </p> <h3 id="confidential-contacts">Confidential contacts</h3> <p> You have two options to submit non-public vulnerabilities to the security team. You may submit a bug in <a href="https://bugs.gentoo.org/">Gentoo Bugzilla</a> using the <em>New-Expert</em> action, or the <em>Enter a new bug report (advanced)</em> link, and check the <em>Gentoo Security</em> checkbox in the <em>Only users in all of the selected groups can view this bug</em> section. You may also contact directly using encrypted mail one of the following security contacts: </p> <table class="table"> <tr> <td class="infohead"><b>Name</b></td> <td class="infohead"><b>Responsibility</b></td> <td class="infohead"><b>Email</b></td> <td class="infohead"><b>OpenPGP key ID (click to retrieve public key)</b></td> </tr> <tr> <td class="tableinfo">John Helmert III</td> <td class="tableinfo">Security lead</td> <td class="tableinfo"><a href="mailto:ajak@gentoo.org">ajak@gentoo.org</a></td> <td class="tableinfo"><a href="https://keys.gentoo.org/pks/lookup?op=get&search=0x39333C79B7BD85CD55C02E4C812BDFCB974B5783">0x39333C79B7BD85CD55C02E4C812BDFCB974B5783</a></td> </tr> <tr> <td class="tableinfo">Sam James</td> <td class="tableinfo">Security member</td> <td class="tableinfo"><a href="mailto:sam@gentoo.org">sam@gentoo.org</a></td> <td class="tableinfo"><a href="https://keys.gentoo.org/pks/lookup?op=get&search=0x5EF3A41171BB77E6110ED2D01F3D03348DB1A3E2">0x5EF3A41171BB77E6110ED2D01F3D03348DB1A3E2</a></td> </tr> <tr> <td class="tableinfo">Hans de Graaff</td> <td class="tableinfo">Security member</td> <td class="tableinfo"><a href="mailto:graaff@gentoo.org">graaff@gentoo.org</a></td> <td class="tableinfo"><a href="https://keys.gentoo.org/pks/lookup?op=get&search=0x818B58784EB13C5DD8CF401BBB1FE687EFDBB3EC">0x818B58784EB13C5DD8CF401BBB1FE687EFDBB3EC</a></td> </tr> </table> <div class="alert alert-info"> <strong>Note:</strong> In order to ensure the reception and fastest possible response for any confidential situation, we strongly encourage senders to email to at least two of the security contacts listed above. </div> <div class="alert alert-info"> <strong>Note:</strong> A full list of Gentoo developers, including their OpenPGP key ID, is visible in our <a href="/inside-gentoo/developers/">active developers list</a>. </div> <h2>Resources</h2> <h3>Security pages</h3> <ul> <li><a href="https://security.gentoo.org/glsa/">GLSA index page</a> — Full list of all published GLSAs.</li> <li><a href="https://security.gentoo.org/glsa/feed.rss">GLSA RSS feed</a> — GLSA RSS live feed.</li> <li><a href="vulnerability-treatment-policy.html">Vulnerability Treatment Policy</a> — The official policy of the security team.</li> <li><a href="https://wiki.gentoo.org/wiki/Project:Security">Gentoo Linux Security Project</a> — The security project page.</li> </ul> <h3>Links</h3> <ul> <li><a href="https://wiki.gentoo.org/wiki/Security_Handbook">Gentoo Security Handbook</a> — Step-by-step guide for hardening Gentoo Linux.</li> <li><a href="https://wiki.gentoo.org/wiki/Project:Hardened">Gentoo Hardened Project</a> — Bringing advanced security to Gentoo Linux.</li> <li><a href="/inside-gentoo/developers/">Active Developer List</a> — Active developer list including OpenPGP keys which can be used to verify GLSAs.</li> </ul> </div> </div> </div> </div> </div> <footer> <div class="container"> <div class="row"> <div class="col-xs-12 col-md-offset-2 col-md-7"> </div> <div class="col-xs-12 col-md-3"> <h3 class="footerhead">Questions or comments?</h3> Please feel free to <a href="/inside-gentoo/contact/">contact us</a>. </div> </div> </div> <div class="container-sitemap"> <div class="container"> <div class="row row-sitemap hidden-sm hidden-xs"> <div class="col-xs-12 col-sm-4 col-md-2"> <h3 class="footerhead"><a href="/">Home</a></h3> <ul class="sitemap"> <li class=""><a href="/news/">News</a></li> </ul> </div> <div class="col-xs-12 col-sm-4 col-md-2"> <h3 class="footerhead"><a href="/get-started/">Get Started</a></h3> <ul class="sitemap"> <li class=""><a href="/get-started/about/">About Gentoo</a></li> <li class=""><a href="/get-started/philosophy/">Philosophy</a></li> <li class=""><a href="/get-started/screenshots/">Screenshots</a></li> <li class=""><a href="https://wiki.gentoo.org/wiki/FAQ">FAQ <span class="fa fa-fw fa-external-link-square external-link" title="This link will leave www.gentoo.org."></span></a></li> </ul> </div> <div class="col-xs-12 col-sm-4 col-md-2"> <h3 class="footerhead"><a href="/downloads/">Downloads</a></h3> <ul class="sitemap"> <li class=""><a href="/downloads/mirrors/">Mirrors</a></li> <li class=""><a href="/downloads/signatures/">Signatures</a></li> </ul> </div> <div class="col-xs-12 col-sm-4 col-md-2"> <h3 class="footerhead"><a href="/inside-gentoo/">Inside Gentoo</a></h3> <ul class="sitemap"> <li class=""><a href="/inside-gentoo/developers/">Developers</a></li> <li class=""><a href="https://wiki.gentoo.org/wiki/Project:Gentoo">Projects <span class="fa fa-fw fa-external-link-square external-link" title="This link will leave www.gentoo.org."></span></a></li> <li class=""><a href="/glep/">GLEPs</a></li> <li class=""><a href="/inside-gentoo/artwork/">Artwork</a></li> <li class=""><a href="/inside-gentoo/foundation/">Gentoo Foundation</a></li> <li class=""><a href="/inside-gentoo/sponsors/">Sponsors</a></li> <li class=""><a href="/inside-gentoo/stores/">Stores</a></li> <li class=""><a href="/inside-gentoo/contact/">Contact</a></li> </ul> </div> <div class="col-xs-12 col-sm-4 col-md-2"> <h3 class="footerhead"><a href="/support/">Support</a></h3> <ul class="sitemap"> <li class=""><a href="/support/consulting/">Consulting</a></li> <li class=""><a href="/support/documentation/">Documentation</a></li> <li class=""><a href="https://packages.gentoo.org/">Package database <span class="fa fa-fw fa-external-link-square external-link" title="This link will leave www.gentoo.org."></span></a></li> <li class=""><a href="/support/news-items/">Repository news items</a></li> <li class=""><a href="/support/security/">Security</a></li> <li class=""><a href="/support/use-flags/">USE flags</a></li> <li class=""><a href="/support/rsync-mirrors/">rsync mirrors</a></li> </ul> </div> <div class="col-xs-12 col-sm-4 col-md-2"> <h3 class="footerhead"><a href="/get-involved/">Get Involved</a></h3> <ul class="sitemap"> <li class=""><a href="/get-involved/irc-channels/">IRC channels</a></li> <li class=""><a href="https://forums.gentoo.org/">Forums <span class="fa fa-fw fa-external-link-square external-link" title="This link will leave www.gentoo.org."></span></a></li> <li class=""><a href="/get-involved/mailing-lists/">Mailing lists</a></li> <li class=""><a href="/get-involved/contribute/">Contribute</a></li> <li class=""><a href="/get-involved/become-developer/">Become a developer</a></li> <li class=""><a href="/get-involved/get-code/">Get the code</a></li> </ul> </div> </div> </div> </div> <div class="container"> <div class="row"> <div class="col-xs-3 col-md-2"> <ul class="footerlinks three-icons"> <li><a href="https://twitter.com/gentoo" title="@Gentoo on Twitter"><span class="fa fa-twitter fa-fw"></span></a></li> <li><a href="https://www.facebook.com/gentoo.org" title="Gentoo on Facebook"><span class="fa fa-facebook fa-fw"></span></a></li> </ul> <div> <div class="sitemap text-center"> <a href="https://wiki.gentoo.org/wiki/Foundation:Privacy_Policy">Privacy Policy</a> </div> </div> </div> <div class="col-xs-8 col-md-8"> <strong>&copy; 2001-2025 Gentoo Authors</strong><br> <small> Gentoo is a trademark of the Gentoo Foundation, Inc. and of Förderverein Gentoo e.V. The contents of this document, unless otherwise expressly stated, are licensed under the <a href="https://creativecommons.org/licenses/by-sa/4.0/" rel="license">CC-BY-SA-4.0</a> license. The <a href="/inside-gentoo/foundation/name-logo-guidelines.html">Gentoo Name and Logo Usage Guidelines</a> apply. </small> </div> <div class="col-xs-1 col-md-1"> <strong class="text-dark">Version</strong><br /> <small> <a class="text-dark" href="https://gitweb.gentoo.org/sites/www.git/commit/?id=5a7c833 ">5a7c833 </a> </small> <strong class="text-dark">Generated</strong><br /> <small> <span class="text-dark">Generated: 2025-02-26T11:15:15Z</span> </small> </div> </div> </div> </footer> <script src="https://assets.gentoo.org/tyrian/v1/jquery.min.js"></script> <script src="https://assets.gentoo.org/tyrian/v1/bootstrap.min.js"></script> </body> </html>

Pages: 1 2 3 4 5 6 7 8 9 10