Monday's security advisories

by
jake
from LWN.net on (#2DBHW)

Debian-LTS has updated gst-plugins-bad0.10 (two vulnerabilities), gst-plugins-base0.10 (two vulnerabilities), gst-plugins-good0.10 (two vulnerabilities), gst-plugins-ugly0.10 (two vulnerabilities),and wireshark (denial of service).

Fedora has updated bind (F24:denial of service), python-peewee (F25; F24:largely unspecified), sshrc (F25:unspecified), and zoneminder (F25;F24: information disclosure).

Gentoo has updated glibc (multiple vulnerabilities,most from 2014 and 2015), mupdf (threevulnerabilities), and ntfs3g (privilege escalation).

Mageia has updated gnutls (multiple vulnerabilities),gtk-vnc (two vulnerabilities), iceape (multiple vulnerabilities), jitsi (user spoofing), libarchive (denial of service), libgd (multiple vulnerabilities), lynx (URL spoofing), mariadb (multiple vulnerabilities, almost all unspecified), netpbm (multiple vulnerabilities), openjpeg2 (multiple vulnerabilities), tomcat (information disclosure), and viewvc (cross-site scripting).

openSUSE has updated chromium(42.2, 42.1: multiple vulnerabilities), firebird(42.2, 42.1: access restriction bypass), java-1_7_0-openjdk (42.2, 42.1: multiple vulnerabilities), mcabber (42.2: user spoofing), mupdf (42.2, 42.1: multiple vulnerabilities), open-vm-tools (42.1: CVE with no descriptionfrom 2015), opus (42.2, 42.1: codeexecution), tiff (42.2, 42.1: codeexecution), and vim (42.1: code execution).

Red Hat has updated openssl(RHEL7&6: two vulnerabilities).

Scientific Linux has updated openssl (SL7&6: two vulnerabilities).

SUSE has updated kernel (SLE12: denial of service) and kernel (SLE11:multiple vulnerabilities, some from 2004, 2012, and 2015).

Ubuntu has updated python-crypto(16.10, 16.04, 14.04: regression in previous update).

External Content
Source RSS or Atom Feed
Feed Location http://lwn.net/headlines/rss
Feed Title LWN.net
Feed Link https://lwn.net/
Reply 0 comments