Lots of security updates for Thursday
Lots of security updates for Thursday
Fedora has updated nss-util (F13: certificate spoofing), nss-softokn (F13: certificate spoofing), nss (F13: certificate spoofing), sepostgresql (F13, multiple restriction bypass vulnerabilities), subversion (F12, F13: repository access control bypass), and apr-util (F12, F13: denial of service). There is also the beginning of the usual Mozilla update cascade, but these all address the older round of vulnerabilities: firefox (F13), galeon (F13), gnome-python2-extras (F13), gnome-web-photo (F13), mozvoikko (F13), perl-Gtk2-MozEmbed (F13), and xulrunner (F13).
Mandriva has updated xulrunner (remote code execution).
openSUSE has updated seamonkey and thunderbird (fixes for the previous round of vulnerabilities), php5-pear-mail (code injection), glibc (privilege escalation), bind (denial of service), and kernel (privilege escalation).
Red Hat has updated java-1.5.0-ibm (RHEL4-5: 17 CVE numbers), firefox (RHEL4: remote code execution), xulrunner (RHEL5: remote code execution), and seamonkey (RHEL3-4: remote code execution).
Slackware has updated seamonkey (update to older 2.0.9 release).
SUSE has updated glibc (multiple vulnerabilities).
Ubuntu has updated firefox (remote code execution) and thunderbird (remote code execution).