Thursday's security advisories

Debian has updated ntfs-3g (privilege escalation).

Debian-LTS has updated openssl (three vulnerabilities).

Fedora has updated jasper (F25: code execution), moodle (F24: multiple vulnerabilities), and percona-xtrabackup (F25; F24: information disclosure).

Mageia has updated libxpm (code execution), pdns (multiple vulnerabilities), python-pycrypto (denial of service from 2013), and wireshark (two denial of service flaws).

openSUSE has updated bzrtp (42.2, 42.1: man-in-the-middle vulnerability), firefox (42.2, 42.1: multiple vulnerabilities), nginx (42.2, 42.1; SPH for SLE12: denial of service), seamonkey (42.2, 42.1: code execution), and thunderbird (42.2, 42.1; SPH for SLE12: multiple vulnerabilities).

Red Hat has updated rabbitmq-server (OSP8.0: denial of service from 2015) and thunderbird (multiple vulnerabilities).

Ubuntu has updated gnutls26, gnutls28 (multiple vulnerabilities), irssi (multiple vulnerabilities), iucode-tool (16.10, 16.04: code execution), libxpm (code execution), and ntfs-3g (16.10, 16.04: privilege escalation).