Thursday's security updates

CentOS has updated gstreamer-plugins-bad-free (C6: two codeexecution flaws), gstreamer-plugins-good(C6: multiple vulnerabilities), thunderbird (C7; C6: multiple vulnerabilities), and vim (C7; C6: code execution).

Debian-LTS has updated imagemagick (multiple vulnerabilities) and libgd2 (code execution).

Fedora has updated dovecot (F24:denial of service), msgpuck (F25; F24: two denial of service flaws), andtarantool (F25; F24: two denial of service flaws).

openSUSE has updated gd (13.2:code execution), GraphicsMagick (twovulnerabilities), ImageMagick (13.2: multiple vulnerabilities),mcabber (42.2: information disclosure from2015), php5 (13.2: three vulnerabilities),qemu (42.2: multiple vulnerabilities), and shellinabox (HTTP fallback from 2015).

Oracle has updated gstreamer-plugins-bad-free (OL6: two codeexecution flaws), gstreamer-plugins-good(OL6: multiple vulnerabilities), kernel 2.6.39 (OL6; OL5: two vulnerabilities), kernel3.8.13 (OL7; OL6: two vulnerabilities), kernel 4.1.12OL7; OL6:code execution), and thunderbird (OL7; OL6: multiple vulnerabilities).

Red Hat has updated openstack-cinder/glance/nova (RHOSP8.0: denialof service from 2015).

SUSE has updated firefox (SLE12; SLE11SP4&3; SLE11SP2: multiple vulnerabilities), kernel (SLE12: two vulnerabilities), andxen (SLE12; SLE12SP2; SLE12SP1; SLE11SP4: three vulnerabilities).