Security advisories for Monday

Post Syndicated from ris original http://lwn.net/Articles/701136/rss

Arch Linux has updated chromium (multiple vulnerabilities), jansson (denial of service), lib32-libgcrypt (flawed random number generation), and php (multiple vulnerabilities).

Debian-LTS has updated curl (code
execution), jackrabbit (cross-site request
forgery), pdns (multiple denial of service flaws), php5 (multiple vulnerabilities), phpmyadmin (multiple vulnerabilities), and zookeeper (buffer overflow).

Fedora has updated chromium (F24:
multiple vulnerabilities), distribution-gpg-keys (F24: privilege
escalation), GraphicsMagick (F23: multiple
vulnerabilities), jasper (F24: denial of
service), mingw-openjpeg2 (F24; F23: out-of-bounds write), mock (F24: privilege escalation), moin (F24: unspecified vulnerability from
2014), openjpeg2 (F23: out-of-bounds write), and php-adodb (F24; F23: cross-site scripting).

SUSE has updated php53
(SLES11-SP2: multiple vulnerabilities).