Security updates for Tuesday Debian-LTS has updated openjdk-6 (multiple vulnerabilities).
Fedora has updated libsndfile (F22; F21:
buffer overflow), mingw-freeimage (F23; F22:
integer overflow), rpm (F23: denial of
service), wpa_supplicant (F21: denial of
service), and zarafa (F21: two
vulnerabilities, one from 2012).
Oracle has updated autofs (OL7:
privilege escalation), binutils (OL7:
multiple vulnerabilities), chrony (OL7:
multiple vulnerabilities), cpio (OL7:
denial of service), cups-filters (OL7:
multiple vulnerabilities), curl (OL7:
multiple vulnerabilities), file (OL7:
multiple vulnerabilities), grep (OL7: heap
buffer overrun), grub2 (OL7: Secure Boot
circumvention), krb5 (OL7: two
vulnerabilities), libreport (OL6: data
leak), libssh2 (OL7: information leak), net-snmp (OL7: denial of service), netcf (OL7: denial of service), ntp (OL7: multiple vulnerabilities), openhpi (OL7: world writable /var/lib/openhpi
directory), openldap (OL7: unintended
cipher usage), openssh (OL7: two
vulnerabilities), python (OL7: multiple
vulnerabilities), rest (OL7: denial of
service), rubygem-bundler and rubygem-thor
(OL7: installs malicious gem files), squid
(OL7: certificate validation bypass), unbound (OL7: denial of service), wireshark (OL7: multiple vulnerabilities), and
xfsprogs (OL7: information disclosure).
Scientific Linux has updated libreport (SL6: data leak).
SUSE has updated firefox
(SLES10SP4: multiple vulnerabilities).