Security updates for Monday

Arch Linux has updated chromium (multiple vulnerabilities), libdwarf (multiple vulnerabilities), libpurple (multiple vulnerabilities), phpmyadmin (multiple vulnerabilities), vlc (code execution), and xerces-c (code execution).

Debian has updated libpdfbox-java (XML External Entity (XXE) attacks).

Debian-LTS has updated gimp(use-after-free), java-common (OpenJDK 6 nolonger supported), libcommons-fileupload-java (denial of service), mysql-connector-java (information disclosure), nss (denial of service), and tomcat7 (denial of service).

Fedora has updated drupal7 (F24:privilege escalation), mirrormanager (F24; F23; F22: unspecified), optipng (F23: code execution), python (F23: man-in-the-middle attack), and qemu (F24: multiple vulnerabilities).

Gentoo has updated claws-mail(multiple vulnerabilities), freexl(multiple vulnerabilities), hostapd(multiple vulnerabilities), imagemagick(multiple vulnerabilities), libssh(multiple vulnerabilities), plib (codeexecution from 2011), and sudo (privilege escalation).

openSUSE has updated libarchive(13.2: denial of service), libav (Leap42.1:two vulnerabilities), libtasn1 (Leap42.1:denial of service), libtorrent-rasterbar(13.1: denial of service), mariadb(Leap42.1: multiple vulnerabilities), p7zip(Leap42.1: code execution), php5 (Leap42.1:multiple vulnerabilities), and rsync(Leap42.1: unsafe destination path).

Oracle has updated kernel 2.6.32 (OL6; OL5:privilege escalation).

Red Hat has updated kernel-rt(RHEMRG2.5: multiple vulnerabilities).

Scientific Linux has updated kernel (SL7: two vulnerabilities).

Slackware has updated php (multiple vulnerabilities).