Security advisories for Wednesday Arch Linux has updated expat (code execution) and lib32-expat (code execution).
CentOS has updated libndp (C7: man-in-the-middle attacks).
Debian has updated expat (code execution).
Debian-LTS has updated libidn (information disclosure), librsvg (denial of service), and xen (multiple vulnerabilities).
Fedora has updated dhcp (F22: denial of service).
openSUSE has updated cacti
(Leap42.1, 13.2: SQL injection), Chromium
(SPH for SLE12: multiple vulnerabilities), go (Leap42.1: two vulnerabilities), GraphicsMagick (Leap42.1, 13.2: multiple
vulnerabilities), imlib2 (13.2: multiple
vulnerabilities), libressl (13.2: multiple
vulnerabilities), librsvg (Leap42.1, 13.2:
denial of service), mercurial (Leap42.1,
13.2: code execution), mysql-community-server (Leap42.1, 13.2:
multiple vulnerabilities), ntp (Leap42.1:
multiple vulnerabilities), ocaml (13.2:
information leak), poppler (13.2: denial of
service), and proftpd (Leap42.1, 13.2: weak key usage).
Oracle has updated kernel (OL6:
multiple vulnerabilities), kernel 4.1.12 (OL7; OL6:
three vulnerabilities), libndp (OL7:
man-in-the-middle attacks), and qemu-kvm
(OL6: multiple vulnerabilities).
Scientific Linux has updated kernel (SL7: privilege escalation) and thunderbird (SL5,7: two vulnerabilities).
SUSE has updated xen (SLE12: multiple vulnerabilities).
Ubuntu has updated expat (code
execution), libarchive (code execution), libksba (multiple vulnerabilities), and samba (12.04: regression in previous update).