Thursday's security updates

CentOS has updated firefox (C5; C6; C7: multiple vulnerabilities), nss (C5; C6; C7: protocol downgrade), thunderbird (C5; C6: multiple vulnerabilities), and wpa_supplicant (C7: command execution).

Debian has updated iceweasel (multiple vulnerabilities), jasper (code execution), qemu (privilege escalation), qemu-kvm (privilege escalation), and tcpdump (multiple vulnerabilities).

Fedora has updated firefox (F20: multiple vulnerabilities), tcpdump (F19: multiple vulnerabilities), teeworlds (F19; F20: denial of service), thunderbird (F20: multiple vulnerabilities), util-linux (F20: command injection), and wireshark (F20: multiple vulnerabilities).

Mageia has updated firefox, thunderbird (M4: multiple vulnerabilities), libreoffice (M4: code execution), mediawiki (M4: multiple vulnerabilities), and sddm (M4: multiple vulnerabilities).

Oracle has updated firefox (O5; O6: multiple vulnerabilities) and wpa_supplicant (O7: command execution).

Red Hat has updated wget (RHEL6.5: code execution) and wpa_supplicant (RHEL7: command execution).

Scientific Linux has updated firefox (multiple vulnerabilities), nss, nss-util, nss-softokn (protocol downgrade), thunderbird (SL6: multiple vulnerabilities), and wpa_supplicant (SL7: command execution).

Ubuntu has updated eglibc, glibc (10.04, 12.04, 14.04, 14.10: multiple vulnerabilities), tcpdump (10.04, 12.04, 14.04, 14.10: multiple vulnerabilities), and thunderbird (12.04, 14.04, 14.10: multiple vulnerabilities).

Comments (none posted)