Post Syndicated from ris original http://lwn.net/Articles/696693/rss
Arch Linux has updated glibc (two
denial of service vulnerabilities), lib32-glibc (two denial of service
vulnerabilities), and libupnp
(unauthenticated access).
Debian has updated kde4libs (command execution) and lighttpd (man-in-the-middle attacks).
Debian-LTS has updated mongodb (two vulnerabilities), mupdf (denial of service), and openjdk-7 (multiple vulnerabilities).
Fedora has updated curl (F24:
three vulnerabilities), firefox (F23:
multiple vulnerabilities), libgcrypt (F23:
key leak), and xen (F24: multiple vulnerabilities).
Mageia has updated ruby-eventmachine (denial of service).
openSUSE has updated bsdiff
(Leap42.1, 13.2: denial of service), Chromium (Leap42.1, 13.2; SPH for SLE12: multiple
vulnerabilities), java-1_8_0-openjdk (13.2:
multiple vulnerabilities), libvirt
(Leap42.1: authentication bypass), redis (Leap42.1, 13.2; SPH for SLE12: information leak),
and wireshark (Leap42.1, 13.2: multiple vulnerabilities).
Slackware has updated curl (three
vulnerabilities), firefox (multiple
vulnerabilities), openssh (two vulnerabilities), and stunnel (two vulnerabilities).