Security advisories for Monday

Arch Linux has updated gst-plugins-bad (two vulnerabilities), gst-plugins-base-libs (multiple vulnerabilities), gst-plugins-good (multiple vulnerabilities), gst-plugins-ugly (two vulnerabilities), and gstreamer (denial of service).

CentOS has updated ntp (C7; C6:multiple vulnerabilities), spice (C7: twovulnerabilities), and spice-server (C6: two vulnerabilities).

Debian has updated svgsalamander (server-side request forgery).

Debian-LTS has updated libphp-phpmailer (information disclosure).

Fedora has updated epiphany (F25:multiple vulnerabilities), iio-sensor-proxy(F25: unspecified), jasper (F24: codeexecution), thunderbird (F25; F24: multiple vulnerabilities), and wavpack (F24: multiple vulnerabilities).

Gentoo has updated rtmpdump (multiple vulnerabilities).

Mageia has updated java-1.8.0-openjdk (multiple vulnerabilities),openssl (three vulnerabilities), php (multiple vulnerabilities), phpmyadmin (two vulnerabilities), and thunderbird (multiple vulnerabilities).

openSUSE has updated cpio (42.2,42.1: out-of-bounds write), gnutls (42.2,42.1: multiple vulnerabilities), GraphicsMagick (42.2; 42.1:multiple vulnerabilities), gstreamer-0_10-plugins-bad (42.2: codeexecution), libgit2 (42.1: multiplevulnerabilities), and virtualbox (42.2: multiple vulnerabilities).

Oracle has updated spice (OL7:two vulnerabilities) and spice-server (OL6:two vulnerabilities).

Red Hat has updated ntp (RHEL6,7:multiple vulnerabilities), spice (RHEL7:two vulnerabilities), and spice-server(RHEL6: two vulnerabilities).

Scientific Linux has updated ntp(SL6,7: multiple vulnerabilities), spice(SL7: two vulnerabilities), and spice-server (SL6: two vulnerabilities).

SUSE has updated spice (SLE12-SP2; SLE12-SP1; SLES12; SLE11-SP4: two vulnerabilities).