Post Syndicated from ris original http://lwn.net/Articles/689239/rss
Arch Linux has updated chromium (multiple vulnerabilities).
CentOS has updated ntp (C7; C6:
multiple vulnerabilities), openssl (C5:
code execution), squid (C7; C6: multiple vulnerabilities), and squid34 (C6: multiple vulnerabilities).
Debian has updated gdk-pixbuf
(two vulnerabilities) and symfony (two vulnerabilities).
Debian-LTS has updated eglibc
(multiple vulnerabilities), libtasn1-3
(denial of service), openafs (multiple
vulnerabilities), pdns (insecure database
permissions), phpmyadmin (regression in
previous update), postgresql-9.1 (multiple
vulnerabilities), ruby-activerecord-3.2
(restriction bypass), and wireshark (multiple vulnerabilities).
Fedora has updated bugzilla (F23; F22:
cross-site scripting), kf5-kinit (F23:
insecure permissions), libarchive (F22:
code execution), libimobiledevice (F23:
sockets listening on INADDR_ANY), libusbmuxd (F23: sockets listening on
INADDR_ANY), php (F23: two
vulnerabilities), qemu (F23: multiple
vulnerabilities), webkitgtk4 (F23: two
vulnerabilities), and xen (F23; F22: privilege escalation).
Gentoo has updated libfpx (denial of service), nss (multiple vulnerabilities), pam (multiple vulnerabilities), and rsync (multiple vulnerabilities).
Mageia has updated botan (two vulnerabilities), docker (privilege escalation), mediawiki (multiple vulnerabilities), and phpmyadmin (cross-site scripting).
openSUSE has updated Chromium (SPH for SLE12; Leap42.1: multiple vulnerabilities), expat (13.2: two vulnerabilities), libxml2 (13.2: two vulnerabilities), libxslt (13.2: denial of service), phpMyAdmin (Leap42.1, 13.2: cross-site
scripting), redis (Leap42.1, 13.2: denial
of service), and samba (13.2:
man-in-the-middle attack).
Red Hat has updated ntp (RHEL6,7:
multiple vulnerabilities), openssl (RHEL5:
code execution), python27 (RHSCL2.2:
multiple vulnerabilities), squid (RHEL7; RHEL6:
multiple vulnerabilities), and squid34
(RHEL6: multiple vulnerabilities).
Slackware has updated imagemagick (shell vulnerability), libxml2 (three vulnerabilities), libxslt (denial of service), thunderbird (multiple vulnerabilities), and php (multiple vulnerabilities).
SUSE has updated Xen (SLES10-SP4:
multiple vulnerabilities).