Security advisories for Monday
Security advisories for Monday
Arch Linux has updated docker (information disclosure), ffmpeg (cross-origin attacks), go (information disclosure), go-ipfs (information disclosure), hub (information disclosure), keybase (information disclosure), ntp (man-in-the-middle attack), roundcubemail (code execution), and syncthing (information disclosure).
Debian has updated tomcat7 (Security Manager bypass).
Debian-LTS has updated prosody (guessable keys) and roundcube (code execution).
Fedora has updated dhcp (F23: denial of service), golang (information disclosure), openssh (F23; F22: information disclosure), openstack-glance (F23: unspecified), php (F23; F22: multiple vulnerabilities), python-kdcproxy (F23: unspecified), salt (F23: insecure /tmp file handling), wireshark (F22: multiple vulnerabilities), and wordpress (F23; F22: cross-site scripting).
Gentoo has updated openssh (multiple vulnerabilities).
Mageia has updated openssh (multiple vulnerabilities), php (information disclosure), and qemu (multiple vulnerabilities).
openSUSE has updated nodejs (two vulnerabilities) and openssh (13.1; 11.4: multiple vulnerabilities).