Tuesday's security advisories

CentOS has updated thunderbird (C7; C6; C5: code execution).

Debian-LTS has updated drupal7(open redirect vulnerability) and graphicsmagick (two vulnerabilities).

Fedora has updated expat (F22:multiple vulnerabilities), gnutls (F24:certificate verification vulnerability), gsi-openssh (F24: support GSI authentication),httpd (F24: authentication bypass), krb5 (F22: buffer overflow), mbedtls (F23: three vulnerabilities), pdfbox (F23: XML External Entity (XXE)attacks), pypy3 (F23; F22: two vulnerabilities), python (F22: startTLS stripping attack), python3 (F22: startTLS stripping attack), andsamba (F24: crypto downgrade).

Oracle has updated thunderbird (OL7; OL6: multiple vulnerabilities).

Ubuntu has updated libgd2(multiple vulnerabilities), nspr (denial ofservice), and nss (denial of service).