Thursday's security advisories

[Posted January 28, 2016 by jake]

Thursday's security advisories

[Security] Posted Jan 28, 2016 15:47 UTC (Thu) by jake

Arch Linux has updated nginx (three denial of service flaws).

Debian has updated iceweasel (three vulnerabilities) and openjdk-7 (multiple vulnerabilities).

openSUSE has updated chromium (13.1: multiple vulnerabilities), java-1_7_0-openjdk (13.2: multiple vulnerabilities), java-1_8_0-openjdk (42.1; 13.2: multiple vulnerabilities), java7 (13.1: multiple vulnerabilities), and openldap2 (42.1: two vulnerabilities).

Oracle has updated bind (OL7; OL6; OL5: denial of service), bind97 (OL5: denial of service), and firefox (OL7; OL6; OL5: two code execution flaws).

Red Hat has updated bind (RHEL6.4, 6.5: four denial of service flaws, including one from 2014) and bind (RHEL6.6: three denial of service flaws).

Scientific Linux has updated bind (denial of service), bind97 (SL5: denial of service), and firefox (two code execution flaws).

SUSE has updated java-1_7_0-openjdk (SLE12; SLE11: multiple vulnerabilities) and openldap2 (Studio Onsite 1.3: two vulnerabilities).

Ubuntu has updated curl (authentication bypass) and oxide-qt (15.10, 15.04, 14.04: multiple vulnerabilities).

Comments (none posted)