Tuesday's security updates
Tuesday's security updates
CentOS has updated glibc (C7; C6; C5: two vulnerabilities).
Debian has updated lua5.1 (code execution), lua5.2 (code execution), and openjdk-7 (regression in previous update).
Fedora has updated cas-client (F20: security constraints bypass), distcc (F20; F19: denial of service/possible code execution), gvfs (F20: file overwrite and device key access), httpcomponents-client (F20; F19: SSL server spoofing), ifuse (F20: file overwrite and device key access), kernel (F20: privilege escalation), libgpod (F20: file overwrite and device key access), libimobiledevice (F20: file overwrite and device key access), libplist (F20: file overwrite and device key access), libusbmuxd (F20: file overwrite and device key access), php (F20; F19: multiple vulnerabilities), pixman (F19: denial of service), ppp (F19: privilege escalation), smack (F20: man-in-the-middle attack), springframework-security (F20; F19: access control restrictions bypass), upower (F20: file overwrite and device key access), usbmuxd (F20: file overwrite and device key access), and zarafa (F20; F19: multiple vulnerabilities).
Gentoo has updated chromium (multiple vulnerabilities), jinja (privilege escalation), net-snmp (multiple vulnerabilities), nrpe (code execution), openoffice-bin (multiple vulnerabilities), postgresql-server (multiple vulnerabilities), qemu (multiple vulnerabilities), stunnel (private key leak), and wireshark (multiple vulnerabilities).
Mageia has updated blender (denial of service/possible code execution) and distcc (denial of service/possible code execution).
Mandriva has updated bugzilla (BS1.0: cross-site request forgery), catfish (BS1.0: privilege escalation), dhcpcd (BS1.0: denial of service), file (BS1.0: denial of service), gpgme (BS1.0: code execution), jakarta-commons-httpclient (BS1.0: SSL server spoofing), krb5 (BS1.0: multiple vulnerabilities), libvncserver (BS1.0: denial of service/possible code execution), phpmyadmin (BS1.0: multiple vulnerabilities), python-imaging (BS1.0: denial of service), serf (BS1.0: information leak), and subversion (BS1.0: information leak).
Oracle has updated glibc (OL7; OL6; OL5: two vulnerabilities).
Red Hat has updated glibc (RHEL5,6,7: two vulnerabilities).
Scientific Linux has updated glibc (SL5,6: two vulnerabilities).