Security advisories for Wednesday

ris

from LWN.net on 2016-01-27 17:37 (#121H4)

CentOS has updated bind (C7; C6; C5: denial of service), bind97 (C5: denial of service), and firefox (C7; C6; C5: code execution).

Debian has updated chromium-browser (multiple vulnerabilities), curl (authentication bypass), and virtualbox (multiple vulnerabilities).

Debian-LTS has updated nginx (denial of service), radicale (multiple vulnerabilities), and tiff (code execution).

Fedora has updated cgit (F23:three vulnerabilities), kernel (F23:multiple vulnerabilities), and perl-PathTools (F22: returns untainted strings).

Gentoo has updated adobe-flash (multiple vulnerabilities), opensmtpd (multiple vulnerabilities), and webkit-gtk (multiple vulnerabilities).

openSUSE has updated Chromium (SPH SLE12; Leap42.1, 13.2: multiple vulnerabilities), openldap (13.1: two vulnerabilities), php5 (13.2: three vulnerabilities), and tiff (Leap42.1: denial of service).

Oracle has updated java-1.6.0-openjdk (OL7; OL6; OL5: multiple vulnerabilities).

Red Hat has updated bind(RHEL5,6,7: denial of service), bind97(RHEL5: denial of service), chromium-browser (RHEL6: multiplevulnerabilities), firefox (RHEL5,6,7: code execution), and RHOSE (multiple vulnerabilities).

Scientific Linux has updated java-1.6.0-openjdk (SL5,6,7: multiple vulnerabilities).

SUSE has updated java-1_8_0-openjdk (SLE12-SP1: multiple vulnerabilities).

Ubuntu has updated firefox (multiple vulnerabilities).

Source	RSS or Atom Feed
Feed Location	http://lwn.net/headlines/rss
Feed Title	LWN.net
Feed Link	https://lwn.net/