Security updates for Thursday

Post Syndicated from jake original

Debian-LTS has updated bozohttpd
(two vulnerabilities, one from 2014), ruby-mail (SMTP injection), and xymon (multiple vulnerabilities). Also, the Debian-LTS team has announced that some packages will not be
supported (libv8, mediawiki, sogo, and vlc) for Debian 7 (“wheezy”),
so users of those should upgrade to Debian 8 (“jessie”).

Red Hat has updated rh-mariadb100-mariadb (RHSC: many vulnerabilities).

Ubuntu has updated eglibc, glibc
(15.10, 14.04, 12.04: multiple vulnerabilities, some from 2013 and 2014)
and samba (16.04, 15.10, 14.04: regression
in previous security fix).