Friday's security updates Debian has updated libarchive (directory traversal).
Debian-LTS has updated eglibc (multiple vulnerabilities).
Fedora has updated gnupg
(F21: multiple vulnerabilities), libjpeg-turbo (F20; F21: denial of service), and qt (F20: denial of service).
Gentoo has updated jasper
(multiple vulnerabilities).
Mageia has updated dokuwiki
(M4: access control circumvention), maradns (M4: denial of service), python (M4: missing hostname check), vlc (M4: code execution), and vorbis-tools (M4: multiple vulnerabilities).
openSUSE has updated chromium (13.1, 13.2: multiple vulnerabilities) and php5 (13.1, 13.2: multiple vulnerabilities).
Oracle has updated 389-ds-base (O6: information disclosure).
Red Hat has updated 389-ds-base (RHEL6; RHEl7:
information disclosure),
chromium-browser (RHEL6: multiple vulnerabilities), firefox (RHEL7: multiple vulnerabilities), glibc (RHEL7: multiple vulnerabilities), gnome-shell, mutter, clutter, cogl (RHEL7:
denial of service), hivex (RHEL7: code execution), httpd (RHEL7: multiple vulnerabilities), ipa (RHEL7: multiple vulnerabilities), kernel (RHEL7: multiple vulnerabilities), krb5 (RHEL7: multiple vulnerabilities), libreoffice (RHEL7: multiple vulnerabilities), libvirt (RHEL7: multiple vulnerabilities), openssh (RHEL7: multiple vulnerabilities), openstack-glance (RHEL OSP6: denial of service), pcre (RHEL7: denial of service), powerpc-utils (RHEL7: information disclosure), ppc64-diag (RHEL7: information disclosure), qemu-kvm (RHEL7: multiple vulnerabilities), qemu-kvm-rhev (RHEL OSP6: buffer overflow), redhat-access-plugin-openstack (RHEL
OSP6: information disclosure), thunderbird (RHEL7: multiple vulnerabilities), and virt-who (RHEL7: credentials disclosure).
Slackware has updated samba
(14.1: code execution).
SUSE has updated PHP 5.3
(SLES11: multiple vulnerabilities).