Security updates for Monday

Arch Linux has updated cacti (SQLinjection), glibc (unbound stack usage),and lib32-glibc (unbound stack usage).

Debian has updated cacti (SQLinjection), drupal7 (multiplevulnerabilities), gajim (problem inprevious update), php-horde (cross-site scripting), php-horde-core (cross-site scripting), pillow (multiple vulnerabilities), and xymon (multiple vulnerabilities).

Debian-LTS has updated bsh (codeexecution), gtk+2.0 (multiplevulnerabilities), ia32-libs (multiplevulnerabilities), libebml (twovulnerabilities), lxc (two vulnerabilities,one from 2013), pcre3 (code execution), andtomcat6 (multiple vulnerabilities).

Fedora has updated bind99 (F22:denial of service), jabberd (F23:cryptographically insecure), kernel (F23; F22:multiple vulnerabilities), libreoffice(F22: code execution), libssh (F23:insecure ssh sessions), libssh2 (F23:insecure ssh sessions), rubygem-actionpack (F23; F22:multiple vulnerabilities), rubygem-actionview (F23; F22:directory traversal), rubygem-activemodel (F23; F22:validation bypass), rubygem-activerecord (F23; F22: twovulnerabilities), rubygem-activesupport (F23; F22:authentication bypass), rubygem-rails-html-sanitizer (F23; F22:multiple vulnerabilities), and xen (F23:denial of service).

Gentoo has updated libwmf(multiple vulnerabilities).

Mageia has updated vlc (multiple vulnerabilities).

openSUSE has updated bouncycastle(Leap42.1, 13.2: signature forgery), dhcp(13.2: denial of service), and nodejs(Leap42.1, 13.2: two vulnerabilities).

Red Hat has updated openstack-glance (RHELOSP6: authorizationbypass) and rabbitmq-server (RHELOSP6: two vulnerabilities).

Slackware has updated libssh (insecure ssh sessions).

Ubuntu has updated kernel (15.10:regression in previous update), linux-lts-wily (14.04: regression in previousupdate), linux-lts-utopic (14.04:regression in previous update), and linux-lts-vivid (14.04: regression in previous update).