Post Syndicated from ris original http://lwn.net/Articles/695318/rss
Arch Linux has updated chromium (multiple vulnerabilities), python-django (cross-site scripting), and python2-django (cross-site scripting).
Debian has updated openssh (user
enumeration via timing side-channel), perl
(two vulnerabilities), and phpmyadmin
(multiple vulnerabilities).
Debian-LTS has updated squid3 (denial of service).
Fedora has updated ca-certificates (F24: certificate update), gd (F24: multiple vulnerabilities), httpd (F24: HTTP redirect),
kf5-karchive (F24; F23: command execution, over a hundred
related KDE Frameworks packages were included in this update), libgcrypt (F24: key leak), libidn (F24: multiple vulnerabilities), libvirt (F24: authentication bypass), and mingw-gnutls (F24: certificate verification vulnerability).
openSUSE has updated Chromium (SPH for SLE12; Leap42.1; 13.2:
multiple vulnerabilities) and gnugk
(Leap42.1, 13.2: denial of service).
Red Hat has updated mariadb55-mariadb (RHSCL: many
vulnerabilities) and mysql55-mysql (RHSCL:
many vulnerabilities).
Slackware has updated bind (denial of service).