Friday's security updates

n8willis

from LWN.net on 2015-03-06 16:58 (#4DKP)

Debian has updated libarchive (directory traversal).

Debian-LTS has updated eglibc (multiple vulnerabilities).

Fedora has updated gnupg(F21: multiple vulnerabilities), libjpeg-turbo (F20; F21: denial of service), and qt (F20: denial of service).

Gentoo has updated jasper(multiple vulnerabilities).

Mageia has updated dokuwiki(M4: access control circumvention), maradns (M4: denial of service), python (M4: missing hostname check), vlc (M4: code execution), and vorbis-tools (M4: multiple vulnerabilities).

openSUSE has updated chromium (13.1, 13.2: multiple vulnerabilities) and php5 (13.1, 13.2: multiple vulnerabilities).

Oracle has updated 389-ds-base (O6: information disclosure).

Red Hat has updated 389-ds-base (RHEL6; RHEl7:information disclosure),chromium-browser (RHEL6: multiple vulnerabilities), firefox (RHEL7: multiple vulnerabilities), glibc (RHEL7: multiple vulnerabilities), gnome-shell, mutter, clutter, cogl (RHEL7:denial of service), hivex (RHEL7: code execution), httpd (RHEL7: multiple vulnerabilities), ipa (RHEL7: multiple vulnerabilities), kernel (RHEL7: multiple vulnerabilities), krb5 (RHEL7: multiple vulnerabilities), libreoffice (RHEL7: multiple vulnerabilities), libvirt (RHEL7: multiple vulnerabilities), openssh (RHEL7: multiple vulnerabilities), openstack-glance (RHEL OSP6: denial of service), pcre (RHEL7: denial of service), powerpc-utils (RHEL7: information disclosure), ppc64-diag (RHEL7: information disclosure), qemu-kvm (RHEL7: multiple vulnerabilities), qemu-kvm-rhev (RHEL OSP6: buffer overflow), redhat-access-plugin-openstack (RHELOSP6: information disclosure), thunderbird (RHEL7: multiple vulnerabilities), and virt-who (RHEL7: credentials disclosure).

Slackware has updated samba(14.1: code execution).

SUSE has updated PHP 5.3(SLES11: multiple vulnerabilities).

Source	RSS or Atom Feed
Feed Location	http://lwn.net/headlines/rss
Feed Title	LWN.net
Feed Link	https://lwn.net/