Security updates for Tuesday

by
ris
from LWN.net on (#1FNCA)

Arch Linux has updated chromium (multiple vulnerabilities).

CentOS has updated ntp (C7; C6:multiple vulnerabilities), openssl (C5:code execution), squid (C7; C6: multiple vulnerabilities), and squid34 (C6: multiple vulnerabilities).

Debian has updated gdk-pixbuf(two vulnerabilities) and symfony (two vulnerabilities).

Debian-LTS has updated eglibc(multiple vulnerabilities), libtasn1-3(denial of service), openafs (multiplevulnerabilities), pdns (insecure databasepermissions), phpmyadmin (regression inprevious update), postgresql-9.1 (multiplevulnerabilities), ruby-activerecord-3.2(restriction bypass), and wireshark (multiple vulnerabilities).

Fedora has updated bugzilla (F23; F22:cross-site scripting), kf5-kinit (F23:insecure permissions), libarchive (F22:code execution), libimobiledevice (F23:sockets listening on INADDR_ANY), libusbmuxd (F23: sockets listening onINADDR_ANY), php (F23: twovulnerabilities), qemu (F23: multiplevulnerabilities), webkitgtk4 (F23: twovulnerabilities), and xen (F23; F22: privilege escalation).

Gentoo has updated libfpx (denial of service), nss (multiple vulnerabilities), pam (multiple vulnerabilities), and rsync (multiple vulnerabilities).

Mageia has updated botan (two vulnerabilities), docker (privilege escalation), mediawiki (multiple vulnerabilities), and phpmyadmin (cross-site scripting).

openSUSE has updated Chromium (SPH for SLE12; Leap42.1: multiple vulnerabilities), expat (13.2: two vulnerabilities), libxml2 (13.2: two vulnerabilities), libxslt (13.2: denial of service), phpMyAdmin (Leap42.1, 13.2: cross-sitescripting), redis (Leap42.1, 13.2: denialof service), and samba (13.2:man-in-the-middle attack).

Red Hat has updated ntp (RHEL6,7:multiple vulnerabilities), openssl (RHEL5:code execution), python27 (RHSCL2.2:multiple vulnerabilities), squid (RHEL7; RHEL6:multiple vulnerabilities), and squid34(RHEL6: multiple vulnerabilities).

Slackware has updated imagemagick (shell vulnerability), libxml2 (three vulnerabilities), libxslt (denial of service), thunderbird (multiple vulnerabilities), and php (multiple vulnerabilities).

SUSE has updated Xen (SLES10-SP4:multiple vulnerabilities).

External Content
Source RSS or Atom Feed
Feed Location http://lwn.net/headlines/rss
Feed Title LWN.net
Feed Link https://lwn.net/
Reply 0 comments