Security advisories for Monday

Post Syndicated from ris original http://lwn.net/Articles/706396/rss

CentOS has updated java-1.7.0-openjdk (C6: multiple
vulnerabilities), libgcrypt (C6: flawed
random number generation), and pacemaker
(C6: privilege escalation).

Debian has updated mariadb-10.0 (multiple vulnerabilities) and terminology (command execution).

Fedora has updated bind (F24:
denial of service), mingw-libwebp (F24:
integer overflows), sudo (F24: privilege escalation), and tomcat (F24; F23: multiple vulnerabilities).

Mageia has updated libwmf (denial of service), monit (cross-site request forgery), python-cryptography (returns empty byte-string), and quagga (stack overrun).

openSUSE has updated flash-player
(13.1: multiple vulnerabilities), mysql-community-server (Leap42.2: multiple vulnerabilities), and opera (Leap42.2; Leap42.1: multiple vulnerabilities).

Red Hat has updated policycoreutils (RHEL6,7: sandbox escape).

SUSE has updated flash-player
(SLE12-SP1: multiple vulnerabilities) and mysql (SLE11-SP4: three vulnerabilities).