Friday's security updates

Debian has updated lxc (code execution).

Debian-LTS has updated nspr (code execution).

Mageia has updated dovecot (M5: denial of service), gcc (M5: predictable random values), kernel (M5: multiple vulnerabilities), latex2rtf (M5: code execution), libpng/libpng12 (M5: denial of service), and uglify-js (M5: malicious code obfuscation).

openSUSE has updated krb5 (13.1, 13.2: memory corruption) and libksba (13.1, 13.2: denial of service).

Red Hat has updated autofs (RHEL7: privilege escalation), binutils (RHEL7: multiple vulnerabilities), chrony (RHEL7: multiple vulnerabilities), cpio (RHEL7: code execution), cups-filters (RHEL7: multiple vulnerabilities), curl (RHEL7: multiple vulnerabilities), file (RHEL7: multiple vulnerabilities), glibc (RHEL7: multiple vulnerabilities; RHEL7: privilege escalation), grep (RHEL7: heap buffer overrun), grub2 (RHEL7: Secure Boot circumvention), kernel (RHEL7: multiple vulnerabilities), kernel-rt (RHEL7: multiple vulnerabilities), krb5 (RHEL7: multiple vulnerabilities), libssh2 (RHEL7: denial of service), net-snmp (RHEL7: denial of service), netcf (RHEL7: denial of service), NetworkManager (RHEL7: multiple vulnerabilities), ntp (RHEL7: multiple vulnerabilities), openhpi (RHEL7: world writable /var/lib/openhpi directory), openldap (RHEL7: unintended cipher usage), openssh (RHEL7: multiple vulnerabilities), pacemaker (RHEL7: privilege escalation), pcs (RHEL7: denial of service), python (RHEL7: multiple vulnerabilities), realmd (RHEL7: unsanitized input), rest (RHEL7: denial of service), rubygem-bundler, rubygem-thor (RHEL7: code execution), squid (RHEL7: certificate validation bypass), sssd (RHEL7: memory leak), tigervnc (RHEL7: multiple vulnerabilities), unbound (RHEL7: denial of service), wireshark (RHEL7: multiple vulnerabilities), and xfsprogs (RHEL7: information leak).

Ubuntu has updated libpng (multiple vulnerabilities).