Friday's security updates

n8willis

from LWN.net on 2016-03-11 15:57 (#16S33)

Arch Linux has updated flashplugin (multiple vulnerabilities) and lib32-flashplugin (multiple vulnerabilities).

CentOS has updated libssh2 (C6; C7:insecure ssh sessions)and xerces-c (C7: code execution).

Fedora has updated firefox(F23: multiple vulnerabilities), kernel (F23: denial of service), and php-htmLawed (F23: unspecified vulnerability).

Mageia has updated bind(M5: multiple vulnerabilities), flash-player-plugin (M5: multiple vulnerabilities), openssh (M5: command injection), php/timezone/php-timezonedb (M5: multiple vulnerabilities), and samba (M5: ACL ownership overwrite).

openSUSE has updated Adobe Flash Player (13.2: multiple vulnerabilities),exim (13.2, Leap 42.1: privilege escalation), libssh (Leap 42.1: insecure ssh sessions), and openssl (Leap 42.1: multiple vulnerabilities).

Oracle has updated libssh2(O6: insecure ssh sessions) and xerces-c (O7: code execution).

Red Hat has updated xerces-c(RHEL7: code execution).

Scientific Linux has updated libssh2 (SL 6,7: insecure ssh sessions) and xerces-c (SL7: code execution).

Slackware has updated openssh (command injection).

SUSE has updated flash-player (SLE12; SLE11: multiple vulnerabilities).

Ubuntu has updated libotr(12.04: denial of service).

Source	RSS or Atom Feed
Feed Location	http://lwn.net/headlines/rss
Feed Title	LWN.net
Feed Link	https://lwn.net/