Thursday's security updates

n8willis

from LWN.net on 2016-03-10 17:31 (#16NPS)

Arch Linux has updated bind (denial of service), chromium (multiple vulnerabilities), exim (privilege escalation), firefox (multiple vulnerabilities), libotr (code execution), and perl (ambiguous environment).

Debian has updated bind9(multiple vulnerabilities), chromium-browser (multiple vulnerabilities), iceweasel (multiple vulnerabilities), libotr (code execution), and rails (multiple vulnerabilities).

Fedora has updated 389-ds-base (F22; F23:denial or service),community-mysql (F22; F23: multiple vulnerabilities), drupal7 (F22; F23:multiple vulnerabilities),gummi (F22; F23: predictable filenames in /tmp), libmodbus (F22; F23:buffer overflow),libssh2 (F22: insecure ssh sessions), php-udan11-sql-parser (F23: multiple vulnerabilities), phpMyAdmin (F23: multiple vulnerabilities), and qpid-cpp (F23: multiple vulnerabilities).

Gentoo has updated fuse(privilege escalation)and libreoffice (multiple vulnerabilities).

Mageia has updated firefox(M5: multiple vulnerabilities), libvirt (M5: privilege escalation), and pigz (M5: directory traversal).

openSUSE has updated libotr,libotr2 (13.2, Leap 42.1: code execution), OpenVPN (13.2: multiple vulnerabilities), and php5 (13.2: stack overflow).

Oracle has updated firefox (O5; O7; O6: multiple vulnerabilities), libssh2 (O7: insecure ssh sessions), nss-util (O6: code execution), and openssl098e (O6: multiple vulnerabilities).

Red Hat has updated chromium-browser (RHEL6: multiple vulnerabilities) and libssh2 (RHEL 6,7: insecure ssh sessions).

Slackware has updated bind(multiple vulnerabilities) and mozilla(14.0, 14.1, current: ).

Ubuntu has updated bind9(12.04, 14.04, 15.10: denial of service) and nss (12.04, 14.04, 15.10: denial of service).

Source	RSS or Atom Feed
Feed Location	http://lwn.net/headlines/rss
Feed Title	LWN.net
Feed Link	https://lwn.net/