Security updates for Wednesday

Security updates have been issued by Arch Linux (gitlab), Debian (gnutls28), Fedora (audiofile, coreutils, firefox, hesiod, kernel, kernel-headers, kernel-tools, libssh, lighttpd, mosquitto, opencc, patch, php-horde-nag, sos-collector, strongswan, and thunderbird), Gentoo (libxkbcommon, mutt-1.10, postgresql, systemd, xen, and xorg-server), Mageia (curl, libtiff, samba, spamassassin, and unzip), Oracle (java-1.7.0-openjdk and python-paramiko), Red Hat (git, glusterfs, java-1.7.0-openjdk, libvirt, python-paramiko, qemu-kvm, thunderbird, and xorg-x11-server), SUSE (apache2, apache2-mod_nss, audiofile, libarchive, and ntfs-3g_ntfsprogs), and Ubuntu (curl, ghostscript, and openjdk-8, openjdk-lts).