Thursday's security advisories

Arch Linux has updated chromium (multiple vulnerabilities) and linux-zen (connection hijacking).

Debian has updated gnupg (flawed random number generation) and libgcrypt20 (flawed random number generation).

Debian-LTS has updated libupnp (arbitrary file overwrite).

Fedora has updated bind (F23: denial of service), fontconfig (F23: privilege escalation), and python3 (F23: proxy injection).

SUSE has updated xen (SLE12: multiple vulnerabilities, one from 2014) and yast2-ntp-client (SLE10: multiple vulnerabilities, most from 2015).

Ubuntu has updated fontconfig (16.04, 14.04, 12.04: privilege escalation).