Wednesday's security updates
Wednesday's security updates
[Security] Posted Mar 30, 2011 17:18 UTC (Wed) by corbet
Debian has updated tomcat (multiple vulnerabilities dating back to 2008) and mahara (cross-site scripting and request forgery).
Fedora has updated wordpress (F13, F14: update to 3.1 for cross-site scripting and information disclosure vulnerabilities) and phpMyAdmin (F13, F14: cross-site scripting and information disclosure).
Mandriva has updated openldap (authentication bypass and denial of service)
Pardus has updated firefox (blacklist fraudulent SSL certificates) and openssl (ditto).
openSUSE has updated logwatch (command injection).
Ubuntu has updated vsftpd (denial of service), tomcat (multiple vulnerabilities), subversion (denial of service), and quagga (denial of service).