Security advisories for Wednesday

ris

from LWN.net on 2016-05-18 17:23 (#1E6HT)

Arch Linux has updated expat (code execution) and lib32-expat (code execution).

CentOS has updated libndp (C7: man-in-the-middle attacks).

Debian has updated expat (code execution).

Debian-LTS has updated libidn (information disclosure), librsvg (denial of service), and xen (multiple vulnerabilities).

Fedora has updated dhcp (F22: denial of service).

openSUSE has updated cacti(Leap42.1, 13.2: SQL injection), Chromium(SPH for SLE12: multiple vulnerabilities), go (Leap42.1: two vulnerabilities), GraphicsMagick (Leap42.1, 13.2: multiplevulnerabilities), imlib2 (13.2: multiplevulnerabilities), libressl (13.2: multiplevulnerabilities), librsvg (Leap42.1, 13.2:denial of service), mercurial (Leap42.1,13.2: code execution), mysql-community-server (Leap42.1, 13.2:multiple vulnerabilities), ntp (Leap42.1:multiple vulnerabilities), ocaml (13.2:information leak), poppler (13.2: denial ofservice), and proftpd (Leap42.1, 13.2: weak key usage).

Oracle has updated kernel (OL6:multiple vulnerabilities), kernel 4.1.12 (OL7; OL6:three vulnerabilities), libndp (OL7:man-in-the-middle attacks), and qemu-kvm(OL6: multiple vulnerabilities).

Scientific Linux has updated kernel (SL7: privilege escalation) and thunderbird (SL5,7: two vulnerabilities).

SUSE has updated xen (SLE12: multiple vulnerabilities).

Ubuntu has updated expat (codeexecution), libarchive (code execution), libksba (multiple vulnerabilities), and samba (12.04: regression in previous update).

Source	RSS or Atom Feed
Feed Location	http://lwn.net/headlines/rss
Feed Title	LWN.net
Feed Link	https://lwn.net/