Security advisories for Wednesday
Security advisories for Wednesday
Arch Linux has updated firefox (multiple vulnerabilities) and tomcat6 (denial of service).
CentOS has updated firefox (C7; C6: multiple vulnerabilities), kexec-tools (C7: file overwrites), pcs (C7; C6: privilege escalation), tomcat (C7: HTTP request smuggling), and tomcat6 (C6: HTTP request smuggling).
Debian has updated quassel (SQL injection).
Fedora has updated clamav (F20: multiple vulnerabilities), dpkg (F21; F20: two vulnerabilities), kernel (F21: two vulnerabilities), texlive (F21: predictable filenames), and wpa_supplicant (F20: code execution).
Gentoo has updated ettercap (multiple vulnerabilities).
Mageia has updated dnsmasq (information disclosure), flash-player-plugin (multiple vulnerabilities), hostapd (denial of service), netcf (denial of service), pam (two vulnerabilities), and testdisk (multiple vulnerabilities).
Oracle has updated firefox (OL7; OL5: multiple vulnerabilities), kernel (OL7: two vulnerabilities), kexec-tools (OL7: file overwrites), tomcat (OL7: HTTP request smuggling), and tomcat6 (OL6: HTTP request smuggling).
Red Hat has updated firefox (RHEL5,6,7: multiple vulnerabilities), flash-plugin (RHEL5,6: multiple vulnerabilities), java-1.6.0-ibm (RHEL5,6: multiple vulnerabilities), java-1.7.0-ibm (RHEL5: multiple vulnerabilities), kernel (RHEL7: privilege escalation), kernel-rt (RHEL7; RHEMRG2.5: privilege escalation), kexec-tools (RHEL7: file overwrites), kvm (RHEL5: code execution), pcs (RHEL7; RHEL6: privilege escalation), qemu-kvm (RHEL7; RHEL6: code execution), qemu-kvm-rhev (RHEL7, RHEL6, RHEL OSP4,5,6: code execution), tomcat (RHEL7: HTTP request smuggling), tomcat6 (RHEL6: HTTP request smuggling), and xen (RHEL5: code execution).
Scientific Linux has updated kvm (SL5: code execution) and xen (SL5: code execution).
Slackware has updated mozilla (multiple vulnerabilities).
SUSE has updated php5 (SLE12: multiple vulnerabilities).