Friday's security updates

n8willis

from LWN.net on 2016-01-08 16:46 (#1027F)

CentOS has updated gnutls (C6; C7: signature forgery),libldb (C6; C7: multiple vulnerabilities), nss (C6; C7: signature forgery),openssl (C6; C7: signature forgery), rpcbind (C6; C7:denial of service),samba (C6; C7: multiple vulnerabilities), and samba4 (C6: multiple vulnerabilities).

Fedora has updated bugzilla (F23; F22:multiple vulnerabilities),kea (F22: denial of service), libvirt (F22: path traversal), mediawiki (F22: multiple vulnerabilities), nghttp2 (F23: code execution), roundcubemail (F23; F22:path traversal),ruby (F22: multiple vulnerabilities), and shellinabox (F23; F22:DNS rebinding).

openSUSE has updated wireshark (13.1, 13.2, Leap 42.1:multiple vulnerabilities).

Oracle has updated gnutls (O6; O7: signature forgery),libldb (O7; O6: remote memory disclosure), nss (O7; O6: signature forgery),openssl (O7; O6: signature forgery), rpcbind (O7; O6:denial of service),samba (O6; O7: multiple vulnerabilities), and samba4 (O6: multiple vulnerabilities).

Red Hat has updated gnutls(RHEL 6,7: signature forgery), libldb(RHEL 6,7: multiple vulnerabilities), nss (RHEL 6,7: signature forgery), openssl (RHEL 6,7: signature forgery), openstack-nova (RHEL 6: insecure VM instances), rpcbind (RHEL 6,7: denial of service), samba (RHEL 7; RHEL 6: multiple vulnerabilities),and samba4 (RHEL 6: multiple vulnerabilities).

Scientific Linux has updated gnutls (SL 6,7: signature forgery), libldb (SL 6,7: multiple vulnerabilities), nss (SL 6,7: signature forgery), openssl (SL 6,7: signature forgery), rpcbind (SL 6,7: denial of service), samba (SL 7; SL6: multiple vulnerabilities),and samba4 (SL 6: multiple vulnerabilities).

Ubuntu has updated gnutls26,gnutls28 (12.04, 14.04, 15.04: signature forgery), nss (12.04, 14.04, 15.04, 15.10: signature forgery), and openssl (12.04: signature forgery).

Source	RSS or Atom Feed
Feed Location	http://lwn.net/headlines/rss
Feed Title	LWN.net
Feed Link	https://lwn.net/