Monday’s security advisories

Post Syndicated from ris original https://lwn.net/Articles/714422/rss

Arch Linux has updated ffmpeg
(two vulnerabilities), kdenetwork-kopete (social engineering attacks), and webkit2gtk (multiple vulnerabilities).

Debian-LTS has updated openjdk-7 (multiple vulnerabilities) and vim (buffer overflow).

Fedora has updated epiphany (F24:
password extraction sweep attack).

Gentoo has updated gnutls
(multiple vulnerabilities), graphviz
(multiple vulnerabilities from 2014), and lsyncd (command injection from 2014).

Mageia has updated audacious-plugins (multiple vulnerabilities), calibre (information leak), and nagios (two vulnerabilities).

openSUSE has updated irssi (42.2,
42.1: memory leak), libxml2 (42.2: three
vulnerabilities), and tigervnc (42.2, 42.1:
denial of service).

Oracle has updated kernel 3.8.13 (OL7; OL6:
multiple vulnerabilities), kernel 2.6.39 (OL6; OL5: multiple vulnerabilities).

Red Hat has updated java-1.7.0-openjdk (RHEL5,6,7: multiple vulnerabilities).

Scientific Linux has updated java-1.7.0-openjdk (SL5,6,7: multiple vulnerabilities).

Slackware has updated bind (denial of service), openssl (three vulnerabilities), php (multiple vulnerabilities), and tcpdump (multiple vulnerabilities).