Post Syndicated from jake original http://lwn.net/Articles/697941/rss
Arch Linux has updated linux-lts
(connection hijacking).
CentOS has updated kernel (C7:
connection hijacking).
Debian-LTS has updated cracklib2
(code execution) and suckless-tools (screen
lock bypass).
Fedora has updated firewalld
(F24: authentication bypass), glibc (F24:
denial of service on armhfp), knot (F24; F23:
denial of service), libgcrypt (F24: bad
random number generation), and perl (F23:
privilege escalation).
openSUSE has updated apache2-mod_fcgid (42.1, 13.2: proxy
injection), gd (13.2: multiple
vulnerabilities), iperf (SPHfSLE12;
42.1, 13.2: denial of service), pdns (42.1, 13.2: denial of service), python3 (42.1, 13.2: multiple
vulnerabilities), roundcubemail (42.1; 13.2; 13.1: multiple vulnerabilities, two from
2015), and typo3-cms-4_7 (42.1, 13.2: three
vulnerabilities from 2013 and 2014).
Scientific Linux has updated kernel (SL7: connection hijacking) and python (SL6&7: three vulnerabilities).