Security advisories for Monday

Post Syndicated from ris original http://lwn.net/Articles/703097/rss

Arch Linux has updated imagemagick (two vulnerabilities), kcoreaddons (HTML injection), messagelib (two vulnerabilities), and wpa_supplicant (two vulnerabilities).

Debian has updated php5 (multiple vulnerabilities).

Debian-LTS has updated mat (information leak).

Fedora has updated libdwarf (F24:
two vulnerabilities), libXfixes (F24:
integer overflow), libXi (F24: insufficient
validation), libXrandr (F24: insufficient
validation), libXrender (F24: insufficient
validation), libXtst (F24: insufficient
validation), libXv (F24: insufficient
validation), libXvMC (F24: insufficient
validation), mingw-c-ares (F24; F23: code execution), mingw-openjpeg2
(F24; F23:
denial of service), openjpeg2 (F23: denial
of service), php-ZendFramework (F24;
F23: SQL injection), and python-pillow (F24: memory disclosure).

Gentoo has updated libgcrypt (multiple vulnerabilities) and quagga (code execution).

Mageia has updated graphicsmagick (multiple vulnerabilities).

Red Hat has updated python-django (RHELOSP7 for RHEL7; RHELOSP6 for RHEL7; RHELOSP5 for RHEL7; RHELOSP5 for RHEL6: cross-site request forgery).

SUSE has updated php5 (SLE12-SP1:
multiple vulnerabilities) and systemd (SLE12-SP1; SLE12: denial of service).