Security advisories for Wednesday

Post Syndicated from ris original

Arch Linux has updated openfire (multiple vulnerabilities).

Debian-LTS has updated libcrypto++ (denial of service).

Fedora has updated community-mysql (F25; F24:
multiple unspecified vulnerabilities), curl
(F25: buffer overflow), hdf5 (F25: multiple
vulnerabilities), js-jquery (F25:
cross-site scripting), nagios-plugins (F25; F24:
multiple vulnerabilities), python-wikitcms (F25; F24: code
execution), and xen (F25: multiple vulnerabilities).

Gentoo has updated firejail-lts (denial of service).

openSUSE has updated ntp
(42.2, 42.1: multiple vulnerabilities) and tor (42.2; 42.1, 13.2: denial of service).

SUSE has updated openjpeg2
(SLE12-SP2: multiple vulnerabilities) and xen (SOSC5, SMP2.1, SM2.1, SLE11-SP3: multiple vulnerabilities).