Post Syndicated from ris original http://lwn.net/Articles/688445/rss
Debian has updated wireshark (multiple vulnerabilities).
Debian-LTS has updated extplorer (cross-site request forgery), graphicsmagick (multiple vulnerabilities), and imagemagick (multiple vulnerabilities).
Fedora has updated cacti (F23; F22: SQL
injection), dosfstools (F23: two
vulnerabilities), libksba (F22: denial of
service), libndp (F23; F22: man-in-the-middle attacks), mingw-openssl (F23: multiple vulnerabilities),
moodle (F23: multiple vulnerabilities), openvpn (F22: multiple vulnerabilities),
pgpdump (F23; F22: denial of service), php-symfony
(F23; F22:
buffer overflow), qemu (F22: multiple
vulnerabilities), rpm (F22: two
vulnerabilities), thunderbird (F23: multiple vulnerabilities), and wordpress (F23; F22: two cross-site scripting vulnerabilities).
Mageia has updated apache-mod_nss (invalid handling of +CIPHER operator), bugzilla (cross-site scripting), jansson (denial of service), libgd (denial of service), libreoffice (code execution), networkmanager (information leak), openvpn (multiple vulnerabilities), p7zip (code execution), php-ZendFramework2 (insecure ciphertexts), and wpa_supplicant (two vulnerabilities).
openSUSE has updated kernel
(Leap42.1: multiple vulnerabilities).
Oracle has updated docker-engine (OL7; OL6:
privilege escalation) and kernel 3.8.13 (OL7; OL6:
multiple vulnerabilities), kernel 2.6.39 (OL6; OL5:
multiple vulnerabilities), kernel 2.6.32 (OL6; OL5: multiple vulnerabilities).
Red Hat has updated kernel
(RHEL6.4: two remote denial of service vulnerabilities).
Scientific Linux has updated libndp (SL7: man-in-the-middle attacks).
Slackware has updated curl (server spoofing).
SUSE has updated firefox
(SLE11-SP4,SP3: multiple vulnerabilities), java-1_6_0-ibm (SOSC5, SMP2.1, SM2.1,
SLES11SP3,SP2: multiple vulnerabilities), and java-1_7_0-ibm (SOSC5, SMP2.1, SM2.1,
SLES11SP3,SP2: multiple vulnerabilities).