Security advisories for Wednesday
Security advisories for Wednesday
CentOS has updated php (C7: multiple vulnerabilities), php53 (C6: multiple vulnerabilities), resteasy-base (C7: XML eXternal Entity (XXE) attacks), samba (C7: remote code execution/privilege escalation), and samba4 (C6: remote code execution/privilege escalation).
Debian has updated reportbug (code execution).
Mageia has updated cups (privilege escalation), eet (denial of service), file (denial of service), glibc (multiple vulnerabilities), ipython (code execution), kernel (MG4; MG3: multiple vulnerabilities), mediawiki (multiple vulnerabilities), moodle (multiple vulnerabilities), ocsinventory (cross-site scripting), php-ZendFramework (SQL injection), phpmyadmin (multiple vulnerabilities), polarssl (denial of service), readline (insecure temporary files), and tor (traffic confirmation attack).
Mandriva has updated php (multiple denial of service attacks) and tor (traffic confirmation attack).
Oracle has updated resteasy-base (OL7: XML eXternal Entity (XXE) attacks), samba (OL7: remote code execution/privilege escalation), samba4 (OL6: multiple vulnerabilities), and yum-updatesd (OL5: bypass RPM package signing restriction).
Red Hat has updated php (RHEL7: multiple vulnerabilities), php53 (RHEL5&6: multiple vulnerabilities), resteasy-base (RHEL7: XML eXternal Entity (XXE) attacks), samba (RHEL7: remote code execution/privilege escalation), and samba4 (RHEL6: remote code execution/privilege escalation).
Scientific Linux has updated php53 and php (SL5&6: multiple vulnerabilities) and samba4 (SL6: remote code execution/privilege escalation).
Ubuntu has updated gpgme1.0 (code execution) and eglibc (10.04 LTS: regression in previous update).