|
|
Пишет LWN.net (![[info]](http://lj.rossia.org/img/syndicated.gif){kind=small} syn_lwnheadline)@ 2016-11-03 18:06:00 |
 |
|
 |
|
|
|
|
|
|
 |
|
 |
Arch Linux has updated curl (multiple vulnerabilities), lib32-curl (multiple vulnerabilities), lib32-libcurl-compat (multiple vulnerabilities), lib32-libcurl-gnutls (multiple vulnerabilities), libcurl-compat (multiple vulnerabilities), libcurl-gnutls (multiple vulnerabilities), tar (file overwrite), and tomcat6 (redirect HTTP traffic).
CentOS has updated bind (C6; C5: denial of service) and bind97 (C5: denial of service).
Debian-LTS has updated bind9 (denial of service), bsdiff (denial of service), qemu (multiple vulnerabilities), spip (multiple vulnerabilities), and xen (information leak/corruption).
Mageia has updated openjpeg2 (multiple vulnerabilities).
openSUSE has updated bash (13.2: code execution), ghostscript (Leap42.1: insufficient parameter check), libxml2 (Leap42.1: code execution), and openslp (Leap42.1: two vulnerabilities).
Oracle has updated bind (OL6; OL5: denial of service) and bind97 (OL5: denial of service).
Red Hat has updated 389-ds-base (RHEL7: three vulnerabilities), bind (RHEL7; RHEL5,6: denial of service), bind97 (RHEL5: denial of service), curl (RHEL7: three vulnerabilities), dhcp (RHEL7: denial of service), firewalld (RHEL7: authentication bypass), fontconfig (RHEL7: privilege escalation), gimp (RHEL7: use-after-free), glibc (RHEL7: three vulnerabilities), kernel (RHEL7: multiple vulnerabilities), kernel-rt (RHEL7: multiple vulnerabilities), krb5 (RHEL7: two vulnerabilities), libguestfs and virt-p2v (RHEL7: information leak), libreoffice (RHEL7: code execution), libreswan (RHEL7: denial of service), libvirt (RHEL7: three vulnerabilities), mariadb (RHEL7: multiple vulnerabilities), mod_nss (RHEL7: invalid handling of +CIPHER operator), nettle (RHEL7: multiple vulnerabilities), NetworkManager (RHEL7: information leak), ntp (RHEL7: multiple vulnerabilities), openssh (RHEL7: privilege escalation), pacemaker (RHEL7: denial of service), pacemaker (RHEL7: privilege escalation), pcs (RHEL7: two vulnerabilities), php (RHEL7: multiple vulnerabilities), poppler (RHEL7: code execution), postgresql (RHEL7: two vulnerabilities), powerpc-utils-python (RHEL7: code execution), python (RHEL7: code execution), qemu-kvm (RHEL7: two vulnerabilities), resteasy-base (RHEL7: code execution), squid (RHEL7: multiple denial of service flaws), subscription-manager (RHEL7: information disclosure), sudo (RHEL7: information disclosure), systemd (RHEL7: denial of service), tomcat (RHEL7: multiple vulnerabilities), util-linux (RHEL7: denial of service), and wget (RHEL7: code execution).
SUSE has updated bind (SLES-Pi-12-SP2; SOSC5, SMP2.1, SM2.1, SLE11-SP2,3,4: denial of service) and curl (SLE11-SP4: multiple vulnerabilities).
Ubuntu has updated memcached (code execution), nvidia-graphics-drivers-367 (16.04, 14.04, 12.04: privilege escalation), and openjdk-8 (16.10, 16.04: multiple vulnerabilities).
