Thursday's security advisories CentOS has updated xulrunner (C7: two
vulnerabilities), firefox (C7; C6; C5: two
vulnerabilities), httpcomponents-client
(C7: SSL server spoofing), kernel (C5:
denial of service), squid (C6; C5: two denial of service
flaws, one from 2013), squid (C7: denial of
service), and thunderbird (C6; C5: two vulnerabilities).
Gentoo has updated dhcpcd (denial
of service) and mysql (many
vulnerabilities, mostly unspecified, some from 2013).
Oracle has updated firefox (OL6:
two vulnerabilities), httpcomponents-client
(OL7: SSL server spoofing), squid (OL6; OL5: two denial of service
flaws, one from 2013), squid (OL7: denial
of service), and thunderbird (OL6: two vulnerabilities).
Red Hat has updated firefox (two
vulnerabilities), httpcomponents-client
(RHEL7: SSL server spoofing), kernel
(RHEL5: denial of service), squid (RHEL5&6: two denial of service
flaws, one from 2013), squid (RHEL7: denial of service), and thunderbird (RHEL5&6: two vulnerabilities).
Ubuntu has updated gnupg (12.04,
10.04: key disclosure) and libgcrypt11
(14.04, 12.04, 10.04: key disclosure).