Thursday's security updates

[Posted February 25, 2016 by jake]

Thursday's security updates

[Security] Posted Feb 25, 2016 15:39 UTC (Thu) by jake

Arch Linux has updated libgcrypt (key leak) and libssh2 (insecure sessions).

Debian has updated icedove (multiple vulnerabilities).

Debian-LTS has updated libfcgi (denial of service), libfcgi-perl (denial of service), pixman (code execution from 2014), and postgresql-8.4 (denial of service).

Fedora has updated hamster-time-tracker (F22: denial of service), postgresql (denial of service), and qemu (three vulnerabilities).

Mageia has updated libssh (insecure sessions).

openSUSE has updated gummi (42.1, 13.2: insecure tmp files), libgcrypt (13.2: key leak), and postgresql94 (42.1: three vulnerabilities, one from 2007).

Oracle has updated openssh (OL5: denial of service from 2010).

SUSE has updated firefox (SLE11SP4: denial of service).

Ubuntu has updated ca-certificates (15.10, 14.04, 12.04: 1024-bit RSA key removal), glib-networking (15.10, 14.04, 12.04: update for certificate changes), gnutls (14.04, 12.04: update for certificate changes), and openssl (14.04, 12.04: update for certificate changes).

Comments (none posted)