Tuesday's security updates

Debian has updated spice (two vulnerabilities).

Debian-LTS has updated dhcpcd5 (code execution) and nss (cipher-downgrade attacks).

Fedora has updated glibc (F23: denial of service), nginx (F23: denial of service), and qemu (F22: multiple vulnerabilities).

openSUSE has updated clamav-database (Leap42.1: database refresh).

Oracle has updated spice (OL7: two vulnerabilities) and spice-server (OL6: two vulnerabilities).

Red Hat has updated glibc (RHEL6.5: sends DNS queries to random file descriptors), jenkins (RHOSE3.2: multiple vulnerabilities), spice (RHEL7: two vulnerabilities), and spice-server (RHEL6: two vulnerabilities).

Scientific Linux has updated spice (SL7: two vulnerabilities) and squid (SL7: multiple vulnerabilities).

SUSE has updated expat (SLE12-SP1: code execution).

Ubuntu has updated libxml2 (multiple vulnerabilities) and oxide-qt (16.04, 15.10, 14.04: multiple vulnerabilities).