Security advisories for Thursday

CentOS has updated firefox (C7; C6; C5: multiple vulnerabilities),nspr(C7; C6; C5: code execution),nss(C7; C6; C5: code execution), andnss-util (C7; C6: code execution).

Debian has updated iceweasel (multiple vulnerabilities).

Fedora has updated firefox (F23; F22: multiple vulnerabilities),nspr (F23; F22: code execution), nss (F23; F22: codeexecution), nss-softokn (F23; F22: code execution), nss-util (F23; F22: codeexecution), ntp (F21: multiple vulnerabilities),php-horde-horde (F22; F21: cross-site request forgeries),php-horde-imp (F22; F21: cross-site request forgeries), php-horde-ingo (F22; F21: cross-site request forgeries), and php-horde-passwd (F22; F21: cross-site request forgeries).

Mageia has updated drupal (open redirect),firefox, nspr, and nss (multiple vulnerabilities), and springframework (open file redirect).

openSUSE has updated postgresql92(13.1: information disclosure) and wpa_supplicant (13.1: denial of service).

Oracle has updated firefox (OL7; OL6; OL5: multiple vulnerabilities), kernel 2.6.32 (OL6; OL5:privilege escalation), kernel 3.8.13 (OL7; OL6:privilege escalation), kernel 2.6.39 (OL6: privilege escalation), nss and nspr (OL5: code execution), andnss, nss-util, and nspr (OL7; OL6: code execution).

Scientific Linux has updated firefox (multiple vulnerabilities), kernel (SL7: two vulnerabilities, one from2014), libreswan (SL7: denial of service),nss and nspr (SL5: code execution), and nss, nss-util, and nspr (SL6&7: code execution).

Ubuntu has updated firefox (multiple vulnerabilities),nspr (code execution), and nss (code execution).