Security advisories for Monday

by
ris
from LWN.net on (#13A7V)

Arch Linux has updated lib32-libsndfile (multiple vulnerabilities) and libsndfile (multiple vulnerabilities).

Debian has updated polarssl (code execution) and tiff (multiple vulnerabilities).

Debian-LTS has updated eglibc (multiple vulnerabilities) and linux-2.6 (multiple vulnerabilities).

Fedora has updated claws-mail(F23: stack-based buffer overflow), nginx(F22: denial of service), and prosody (F23:insecure handling of dialback keys).

Mageia has updated cakephp (denial of service), cgit (three vulnerabilities), curl (authentication bypass), cyrus-imapd (two vulnerabilities), docker/golang (two vulnerabilities), gajim (man-in-the-middle), imlib2 (denial of service), java-1.8.0-openjdk/copy-jdk-configs/lua-lunit/lua-posix (multiple vulnerabilities), krb5 (three vulnerabilities), phpmyadmin/phpseclib (multiple vulnerabilities), and socat (man-in-the-middle).

openSUSE has updated curl (Leap42.1; 13.2; 13.1:authentication bypass), mariadb (Leap42.1; 13.2: multiple vulnerabilities), mysql(Leap42.1, 13.2; 13.1: multiple vulnerabilities), nginx (Leap42.1: denial of service), openssl (13.2: man-in-the-middle), php5 (Leap42.1: two vulnerabilities), phpMyAdmin (Leap42.1, 13.2: multiplevulnerabilities), rubygem-actionpack-3_2(13.2: multiple vulnerabilities), rubygem-actionpack-4_2 (Leap42.1: multiplevulnerabilities), rubygem-rails-html-sanitizer (Leap42.1:multiple vulnerabilities), and phpmyadmin(13.1: multiple vulnerabilities).

Red Hat has updated openstack-swift (RHELOSP5 for RHEL6; RHELOSP5 for RHEL7; RHELOSP6 for RHEL7: denial ofservice) and python-django(RHELOSP6 for RHEL7: information disclosure).

SUSE has updated kernel(SLE11-SP3: multiple vulnerabilities).

External Content
Source RSS or Atom Feed
Feed Location http://lwn.net/headlines/rss
Feed Title LWN.net
Feed Link https://lwn.net/
Reply 0 comments