Security advisories for Monday

Debian has updated pyjwt (accepts arbitrary tokens).

Debian-LTS has updated libclamunrar (double-free error), qemu (code execution), qemu-kvm (code execution), and zendframework (multiple vulnerabilities).

Fedora has updated abrt (F22: multiple vulnerabilities), cups (F22; F21: two vulnerabilities), drupal7-views (F22; F21; F20: access bypass), gnome-abrt (F22: multiple vulnerabilities), kernel (F22; F21: privilege escalation), krb5 (F21: two vulnerabilities), libreport (F22: multiple vulnerabilities), openssl (F22: multiple vulnerabilities), postgresql (F22: multiple vulnerabilities), qemu (F21: denial of service), qpid-cpp (F21: two vulnerabilities), and satyr (F22: multiple vulnerabilities).

Gentoo has updated adobe-flash (multiple vulnerabilities) and openssl (multiple vulnerabilities).

openSUSE has updated cgit (13.2, 13.1: code execution), xen (13.2; 13.1: multiple vulnerabilities), and XWayland (13.2: permission bypass).

SUSE has updated IBM Java (SLE11SP3: multiple vulnerabilities).