Security advisories for Wednesday

by
ris
from LWN.net on (#22Q8Y)

Debian has updated tomcat7 (multiple vulnerabilities), tomcat8 (multiple vulnerabilities), and vim (code execution).

Debian-LTS has updated moin (cross-site scripting), tiff (multiple vulnerabilities), and vim (code execution).

Gentoo has updated adobe-flash (multiple vulnerabilities), chromium (multiple vulnerabilities), poppler (code execution), rpcbind (denial of service), tar (file overwrite), and testdisk (code execution).

Mageia has updated bash (code execution), flex (buffer overflow), libssh2 (insecure ssh sessions), libxslt (code execution), and tre (code execution).

openSUSE has updated dovecot22(information disclosure), gnuchess (codeexecution), monit (two vulnerabilities), sudo (13.2: privilege escalation), and tar (13.2: file overwrite).

Oracle has updated ipsilon (OL7:information leak/denial of service) and memcached (OL7; OL6:multiple vulnerabilities).

Red Hat has updated memcached (RHEL7; RHEL6: code execution).

Scientific Linux has updated 389-ds-base (SL6: multiple vulnerabilities),firefox (SL5,6,7: multiplevulnerabilities), kernel (SL6: twovulnerabilities), memcached (SL6: codeexecution), nss and nss-util (SL5,6,7:multiple vulnerabilities), and policycoreutils (SL6,7: sandbox escape).

Slackware has updated ntp (multiple vulnerabilities).

SUSE has updated java-1_8_0-openjdk (SLE12-SP1,2: multiplevulnerabilities) and pacemaker (SLE12-SP2:two vulnerabilities).

Ubuntu has updated gst-plugins-good0.10, gst-plugins-good1.0(code execution), python2.7, python3.2,python3.4, python3.5 (16.04, 14.04, 12.04: multiple vulnerabilities), and tar (file overwrite).

External Content
Source RSS or Atom Feed
Feed Location http://lwn.net/headlines/rss
Feed Title LWN.net
Feed Link https://lwn.net/
Reply 0 comments