Post Syndicated from ris original http://lwn.net/Articles/694236/rss
CentOS has updated thunderbird (C7; C6; C5: code execution).
Debian-LTS has updated drupal7
(open redirect vulnerability) and graphicsmagick (two vulnerabilities).
Fedora has updated expat (F22:
multiple vulnerabilities), gnutls (F24:
certificate verification vulnerability), gsi-openssh (F24: support GSI authentication),
httpd (F24: authentication bypass), krb5 (F22: buffer overflow), mbedtls (F23: three vulnerabilities), pdfbox (F23: XML External Entity (XXE)
attacks), pypy3 (F23; F22: two vulnerabilities), python (F22: startTLS stripping attack), python3 (F22: startTLS stripping attack), and
samba (F24: crypto downgrade).
Oracle has updated thunderbird (OL7; OL6: multiple vulnerabilities).
Ubuntu has updated libgd2
(multiple vulnerabilities), nspr (denial of
service), and nss (denial of service).