Security updates for Tuesday

[Posted April 5, 2016 by ris]

[Security] Posted Apr 5, 2016 16:28 UTC (Tue) by ris

Arch Linux has updated optipng (code execution).

Debian has updated mercurial (three vulnerabilities) and roundcube (code execution).

Fedora has updated krb5 (F22: null pointer dereference) and vtun (F23; F22: denial of service).

Gentoo has updated xen (multiple vulnerabilities, some from 2012).

openSUSE has updated ghostscript (Leap42.1: buffer overflow).

Red Hat has updated nss, nss-util, nspr (RHEL6: two vulnerabilities).

Slackware has updated thunderbird (multiple vulnerabilities).

SUSE has updated xen (SLE11-SP4: multiple vulnerabilities, some from 2013).

Ubuntu has updated libav (12.04: multiple vulnerabilities) and xchat-gnome (man-in-the-middle attack).