Post Syndicated from ris original http://lwn.net/Articles/687588/rss
Arch Linux has updated glibc (two vulnerabilities), lib32-glibc (two vulnerabilities), and thunderbird (multiple vulnerabilities).
CentOS has updated thunderbird
(C5: two vulnerabilities).
Debian has updated icedove (three vulnerabilities), jansson (denial of service), libidn (information disclosure), and xerces-c (code execution).
Debian-LTS has updated dosfstools (two vulnerabilities), icedove (three vulnerabilities), jansson (denial of service), python-tornado (side-channel attack), and wpa (two vulnerabilities).
Fedora has updated botan (F23; F22:
three vulnerabilities), community-mysql (F23; F22:
multiple vulnerabilities), gd (F22: code
execution), jackson-dataformat-xml (F23; F22: XXE
attack), kernel (F22: multiple
vulnerabilities), ocaml (F23: code
execution), openvpn (F23: multiple
vulnerabilities), and qemu (F23: multiple vulnerabilities).
Mageia has updated jackson-dataformat-xml (XXE attack) and ntp (multiple vulnerabilities).
openSUSE has updated Chromium
(Leap42.1, 13.2: multiple vulnerabilities).
Oracle has updated file (OL6:
multiple vulnerabilities), icedtea-web
(OL6: applet execution), and ntp (OL6: multiple vulnerabilities).
SUSE has updated ImageMagick
(SLE11: code execution) and java-1_6_0-ibm
(SLEMLS12: multiple vulnerabilities).