Security updates for Monday
Security updates for Monday
Arch Linux has updated cacti (SQL injection), glibc (unbound stack usage), and lib32-glibc (unbound stack usage).
Debian has updated cacti (SQL injection), drupal7 (multiple vulnerabilities), gajim (problem in previous update), php-horde (cross-site scripting), php-horde-core (cross-site scripting), pillow (multiple vulnerabilities), and xymon (multiple vulnerabilities).
Debian-LTS has updated bsh (code execution), gtk+2.0 (multiple vulnerabilities), ia32-libs (multiple vulnerabilities), libebml (two vulnerabilities), lxc (two vulnerabilities, one from 2013), pcre3 (code execution), and tomcat6 (multiple vulnerabilities).
Fedora has updated bind99 (F22: denial of service), jabberd (F23: cryptographically insecure), kernel (F23; F22: multiple vulnerabilities), libreoffice (F22: code execution), libssh (F23: insecure ssh sessions), libssh2 (F23: insecure ssh sessions), rubygem-actionpack (F23; F22: multiple vulnerabilities), rubygem-actionview (F23; F22: directory traversal), rubygem-activemodel (F23; F22: validation bypass), rubygem-activerecord (F23; F22: two vulnerabilities), rubygem-activesupport (F23; F22: authentication bypass), rubygem-rails-html-sanitizer (F23; F22: multiple vulnerabilities), and xen (F23: denial of service).
Gentoo has updated libwmf (multiple vulnerabilities).
Mageia has updated vlc (multiple vulnerabilities).
openSUSE has updated bouncycastle (Leap42.1, 13.2: signature forgery), dhcp (13.2: denial of service), and nodejs (Leap42.1, 13.2: two vulnerabilities).
Red Hat has updated openstack-glance (RHELOSP6: authorization bypass) and rabbitmq-server (RHELOSP6: two vulnerabilities).
Slackware has updated libssh (insecure ssh sessions).
Ubuntu has updated kernel (15.10: regression in previous update), linux-lts-wily (14.04: regression in previous update), linux-lts-utopic (14.04: regression in previous update), and linux-lts-vivid (14.04: regression in previous update).