DirectFB (Direct Frame Buffer) is a set of graphics APIs implemented on top of the Linux Frame Buffer (fbdev) abstraction layer.
Multiple vulnerabilities have been discovered in DirectFB. Please review the CVE identifiers referenced below for details.
Remote attackers could cause a Denial of Service condition or execute arbitrary code via the Voodoo interface.
There is no known workaround at this time.
All DirectFB users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/DirectFB-1.7.5"