Security advisories for Wednesday

Debian has updated tomcat7 (multiple vulnerabilities), tomcat8 (multiple vulnerabilities), and vim (code execution).

Debian-LTS has updated moin (cross-site scripting), tiff (multiple vulnerabilities), and vim (code execution).

Gentoo has updated adobe-flash (multiple vulnerabilities), chromium (multiple vulnerabilities), poppler (code execution), rpcbind (denial of service), tar (file overwrite), and testdisk (code execution).

Mageia has updated bash (code execution), flex (buffer overflow), libssh2 (insecure ssh sessions), libxslt (code execution), and tre (code execution).

openSUSE has updated dovecot22 (information disclosure), gnuchess (code execution), monit (two vulnerabilities), sudo (13.2: privilege escalation), and tar (13.2: file overwrite).

Oracle has updated ipsilon (OL7: information leak/denial of service) and memcached (OL7; OL6: multiple vulnerabilities).

Red Hat has updated memcached (RHEL7; RHEL6: code execution).

Scientific Linux has updated 389-ds-base (SL6: multiple vulnerabilities), firefox (SL5,6,7: multiple vulnerabilities), kernel (SL6: two vulnerabilities), memcached (SL6: code execution), nss and nss-util (SL5,6,7: multiple vulnerabilities), and policycoreutils (SL6,7: sandbox escape).

Slackware has updated ntp (multiple vulnerabilities).

SUSE has updated java-1_8_0-openjdk (SLE12-SP1,2: multiple vulnerabilities) and pacemaker (SLE12-SP2: two vulnerabilities).

Ubuntu has updated gst-plugins-good0.10, gst-plugins-good1.0 (code execution), python2.7, python3.2, python3.4, python3.5 (16.04, 14.04, 12.04: multiple vulnerabilities), and tar (file overwrite).