Security updates for Friday

by
jake
from LWN.net on (#23S18)

Arch Linux has updated firefox(two vulnerabilities) and thunderbird (code execution).

CentOS has updated thunderbird (C6; C5: code execution).

Debian-LTS has updated firefox-esr (multiple vulnerabilities), imagemagick (multiple vulnerabilities, many from 2014 and 2015), monit (cross-site request forgery), tomcat6 (multiple vulnerabilities), and tomcat7 (multiple vulnerabilities).

Fedora has updated calamares (F25; F24:encryption bypass), jenkins (F25: code execution), jenkins-remoting (F25: code execution), moin (F25; F24; F23: cross-site scripting flaws), mujs (F23: multiple vulnerabilities), and zathura-pdf-mupdf (F23: multiple vulnerabilities).

Gentoo has updated davfs2(privilege escalation from 2013) and gnupg(flawed random number generation).

openSUSE has updated libtcnative-1-0 (42.2, 42.1: SSL improvements)and pacemaker (42.2: two vulnerabilities).

Oracle has updated firefox (OL7; OL6; OL5: code execution).

Red Hat has updated firefox (codeexecution).

SUSE has updated kernel (SLE11: multiple vulnerabilities, some from 2013 and 2015)and ImageMagick(SLE11: multiple vulnerabilities, some from 2014 and 2015).

Ubuntu has updated ghostscript(multiple vulnerabilities, one from 2013) and oxide-qt (16.10,16.04, 14.04: multiple vulnerabilities).

External Content
Source RSS or Atom Feed
Feed Location http://lwn.net/headlines/rss
Feed Title LWN.net
Feed Link https://lwn.net/
Reply 0 comments