Security advisories for Monday CentOS has updated postgresql
(C6: multiple vulnerabilities).
Debian has updated freexl (code execution).
Fedora has updated drupal6 (F21; F20:
multiple vulnerabilities), drupal7 (F21; F20:
multiple vulnerabilities), libssh2 (F20:
information leak), mingw-xerces-c (F21; F20:
denial of service), php (F21: multiple
vulnerabilities), tcpdump (F21: multiple vulnerabilities), and xerces-c (F21; F20: denial of service).
Gentoo has updated busybox
(multiple vulnerabilities).
Mandriva has updated apache-mod_wsgi (MBS2.0: privilege
escalation), bash (MBS2.0: multiple
vulnerabilities), bind (MBS2.0: denial of
service), binutils (MBS2.0: multiple
vulnerabilities), clamav (MBS2.0: multiple
vulnerabilities), coreutils (MBS1.0,
MBS2.0: code execution), ctags (MBS2.0:
denial of service), ctdb (MBS2.0: insecure
temporary files), dbus (MBS2.0: multiple
vulnerabilities), drupal (MBS1.0: multiple
vulnerabilities), ejabberd (MBS2.0:
incorrectly allows unencrypted connections), erlang (MBS2.0: command injection), ffmpeg (MBS2.0: multiple vulnerabilities), firebird (MBS2.0: denial of service), freerdp (MBS2.0: two vulnerabilities), gcc (MBS2.0: code execution), git (MBS2.0: code execution), glibc (MBS2.0: multiple vulnerabilities), glpi (MBS2.0: multiple vulnerabilities), grub2 (MBS2.0: code execution), gtk+3.0 (MBS2.0: screen lock bypass), icu (MBS2.0: multiple vulnerabilities), ipython (MBS2.0: code execution), jasper (MBS2.0: multiple vulnerabilities), jython (MBS2.0: code execution), libarchive (MBS1.0, MBS2.0: directory
traversal), libtiff (MBS1.0: multiple
vulnerabilities), libxfont (MBS1.0:
multiple vulnerabilities), setup (MBS2.0:
information disclosure), tcpdump (MBS1.0:
multiple vulnerabilities), and wireshark
(MBS1.0: multiple vulnerabilities).
openSUSE has updated freetype2
(13.2, 13.1: many vulnerabilities), gnutls
(13.2, 13.1: certificate algorithm consistency checking issue), and rubygem-bundler (13.2, 13.1: installs malicious gem files).
Red Hat has updated kernel-rt
(RHE MRG for RHEL6: two vulnerabilities), libxml2 (RHEL7: denial of service), and postgresql (RHEL6, RHEL7: multiple vulnerabilities).
Scientific Linux has updated libxml2 (SL7: denial of service) and postgresql (SL6, SL7: multiple vulnerabilities).