Security advisories for Friday

[Posted October 16, 2015 by ris]

[Security] Posted Oct 16, 2015 16:39 UTC (Fri) by ris

Arch Linux has updated firefox (information disclosure).

Debian-LTS has updated zendframework (SQL injection).

Fedora has updated kernel (F22: privilege escalation).

Mageia has updated 389-ds-base (cipher downgrade), cyrus-imapd (unspecified), and wireshark (denial of service).

openSUSE has updated flash-player (13.2, 13.1: unspecified).

Oracle has updated lxc (OL7; OL6: apparmor policy bypass).

Red Hat has updated chromium-browser (RHEL6: multiple vulnerabilities), openstack-glance (RHELOSP: two vulnerabilities), openstack-neutron (RHELOSP: ACL bypass), openstack-nova (RHELOSP: denial of service), openstack-swift (RHELOSP: information disclosure), python-django (RHELOSP: multiple vulnerabilities), and qemu-kvm-rhev (RHELOSP: code execution).

SUSE has updated flash-player (SLE12; SLE11SP3,4: unspecified).

Ubuntu has updated click (15.04, 14.04: privilege escalation), firefox (15.04, 14.04, 12.04: information disclosure), and postgresql-9.1, postgresql-9.3, postgresql-9.4 (15.04, 14.04, 12.04: two vulnerabilities).