Post Syndicated from ris original http://lwn.net/Articles/692848/rss
Arch Linux has updated chromium (multiple vulnerabilities), libdwarf (multiple vulnerabilities), libpurple (multiple vulnerabilities), phpmyadmin (multiple vulnerabilities), vlc (code execution), and xerces-c (code execution).
Debian has updated libpdfbox-java (XML External Entity (XXE) attacks).
Debian-LTS has updated gimp
(use-after-free), java-common (OpenJDK 6 no
longer supported), libcommons-fileupload-java (denial of service), mysql-connector-java (information disclosure), nss (denial of service), and tomcat7 (denial of service).
Fedora has updated drupal7 (F24:
privilege escalation), mirrormanager (F24; F23; F22: unspecified), optipng (F23: code execution), python (F23: man-in-the-middle attack), and qemu (F24: multiple vulnerabilities).
Gentoo has updated claws-mail
(multiple vulnerabilities), freexl
(multiple vulnerabilities), hostapd
(multiple vulnerabilities), imagemagick
(multiple vulnerabilities), libssh
(multiple vulnerabilities), plib (code
execution from 2011), and sudo (privilege escalation).
openSUSE has updated libarchive
(13.2: denial of service), libav (Leap42.1:
two vulnerabilities), libtasn1 (Leap42.1:
denial of service), libtorrent-rasterbar
(13.1: denial of service), mariadb
(Leap42.1: multiple vulnerabilities), p7zip
(Leap42.1: code execution), php5 (Leap42.1:
multiple vulnerabilities), and rsync
(Leap42.1: unsafe destination path).
Oracle has updated kernel 2.6.32 (OL6; OL5:
privilege escalation).
Red Hat has updated kernel-rt
(RHEMRG2.5: multiple vulnerabilities).
Scientific Linux has updated kernel (SL7: two vulnerabilities).
Slackware has updated php (multiple vulnerabilities).