Security advisories for Wednesday

Arch Linux has updated firefox (multiple vulnerabilities) and tomcat6 (denial of service).

CentOS has updated firefox (C7; C6:multiple vulnerabilities), kexec-tools (C7:file overwrites), pcs (C7; C6: privilege escalation), tomcat (C7: HTTP request smuggling), and tomcat6 (C6: HTTP request smuggling).

Debian has updated quassel (SQL injection).

Fedora has updated clamav (F20:multiple vulnerabilities), dpkg (F21; F20: twovulnerabilities), kernel (F21: twovulnerabilities), texlive (F21: predictablefilenames), and wpa_supplicant (F20: code execution).

Gentoo has updated ettercap (multiple vulnerabilities).

Mageia has updated dnsmasq(information disclosure), flash-player-plugin (multiple vulnerabilities), hostapd (denial of service), netcf (denial of service), pam (two vulnerabilities), and testdisk (multiple vulnerabilities).

Oracle has updated firefox (OL7; OL5:multiple vulnerabilities), kernel (OL7: twovulnerabilities), kexec-tools (OL7: fileoverwrites), tomcat (OL7: HTTP requestsmuggling), and tomcat6 (OL6: HTTP request smuggling).

Red Hat has updated firefox(RHEL5,6,7: multiple vulnerabilities), flash-plugin (RHEL5,6: multiplevulnerabilities), java-1.6.0-ibm (RHEL5,6:multiple vulnerabilities), java-1.7.0-ibm(RHEL5: multiple vulnerabilities), kernel(RHEL7: privilege escalation), kernel-rt (RHEL7; RHEMRG2.5:privilege escalation), kexec-tools (RHEL7:file overwrites), kvm (RHEL5: codeexecution), pcs (RHEL7; RHEL6: privilege escalation), qemu-kvm(RHEL7; RHEL6: code execution), qemu-kvm-rhev (RHEL7, RHEL6,RHEL OSP4,5,6: code execution), tomcat(RHEL7: HTTP request smuggling), tomcat6(RHEL6: HTTP request smuggling), and xen(RHEL5: code execution).

Scientific Linux has updated kvm(SL5: code execution) and xen (SL5: code execution).

Slackware has updated mozilla (multiple vulnerabilities).

SUSE has updated php5 (SLE12:multiple vulnerabilities).