Monday's security advisories

Arch Linux has updated bind (multiple vulnerabilities), openssh (command injection), pcre (code execution), pidgin-otr (code execution), wireshark-cli (multiple dissector crashes), wireshark-gtk (multiple dissector crashes), and wireshark-qt (multiple dissector crashes).

Debian has updated exim4 (privilege escalation), graphite2 (multiple vulnerabilities), samba (two vulnerabilities), and wireshark (multiple dissector crashes).

Fedora has updated bind (F23: multiple vulnerabilities), exim (F23; F22: privilege escalation), kernel (F22: denial of service), libssh (F22: insecure ssh sessions), openssh (F23: command injection), openssl (F22: multiple vulnerabilities), perl (F22: ambiguous environment), php (F22: multiple vulnerability), php-htmLawed (F22: unspecified vulnerability), php-udan11-sql-parser (F22: multiple vulnerabilities), phpMyAdmin (F22: multiple vulnerabilities), and samba (F23; F22: incorrect ACL get/set allowed on symlink path).

Gentoo has updated chromium (many vulnerabilities), ffmpeg (many vulnerabilities), flash-player (multiple vulnerabilities), flightgear (two vulnerabilities from 2012), icedtea (multiple vulnerabilities), libreswan (denial of service), oracle-jre-bin (multiple vulnerabilities), qtgui (multiple vulnerabilities), and vlc (multiple vulnerabilities).

openSUSE has updated Adobe (13.1: multiple vulnerabilities), Chromium (13.2: multiple vulnerabilities), Firefox (13.1: multiple vulnerabilities), libotr,libotr2 (13.1: code execution), and firefox (Leap42.1, 13.2: multiple vulnerabilities).

Red Hat has updated flash-plugin (RHEL5,6: multiple vulnerabilities) and openstack-heat (RHELOSP6 for RHEL7; RHELOSP5 for RHEL7; RHELOSP5 for RHEL6: denial of service).

SUSE has updated firefox, nss, nspr (SLE12-SP1: multiple vulnerabilities).

Ubuntu has updated graphite2 (15.10, 14.04: multiple vulnerabilities).