Security advisories for Tuesday

Arch Linux has updated flashplugin,lib32-flashplugin (multiple vulnerabilities), libpng (code execution), and openvpn (information disclosure).

Fedora has updated activemq (F22:unsafe deserialization), bind99 (F22:denial of service), dhcp (F22: denial ofservice), gwenhywfar (F23; F22: certificate update), libpng10 (F23: read underflow), libvirt (F23: path traversal),nodejs-handlebars (F23; F22: cross-site scripting), php-horde-Horde-Core (F23: cross-sitescripting), php-horde-Horde-Perms (F23:cross-site scripting), php-horde-Horde-Service-Weather (F23:cross-site scripting), qemu (F22: denial ofservice), and sos (F23: privilege escalation).

Mageia has updated blueman(privilege escalation), bouncycastle(invalid curve attack), flash-player-plugin(multiple vulnerabilities), libpng12 (read underflow), perl-HTML-Scrubber (cross-site scripting), subversion (code execution), and thunderbird (multiple vulnerabilities).

openSUSE has updated bind (11.4:denial of service) and grub2 (11.4: code execution).

Red Hat has updated flash-plugin(RHEL5,6: multiple vulnerabilities).

SUSE has updated grub2 (SLE12-SP1; SLE11-SP4; SLE11-SP3: code execution).