A pile of security updates for Thursday
A pile of security updates for Thursday
Arch Linux has updated firefox (multiple vulnerabilities), irssi (code execution), and tomcat7 (proxy injection).
CentOS has updated firefox (C5, C6, C7: multiple vulnerabilities).
Debian has updated wireshark (LTS: dissector vulnerabilities), irssi (denial of service), and openssl (multiple vulnerabilities).
Fedora has updated
drupal7-google_analytics (F23, F24: cross-site scripting),
drupal7-panels (F23, F24: multiple
vulnerabilities),
jasper (F23: multiple code-execution
vulnerabilities),
mod_cluster (F24: "remote
exploits
"),
nodejs-string-dot-prototype-dot-repeat (F23: "update for security
reasons
"),
php-horde-Horde-Mime-Viewer (F23,
F24:
cross-site scripting),
php-horde-Horde-Text-Filter (F23,
F24:
cross-site scripting), and
xen (F23: multiple
vulnerabilities).
Mageia has updated chromium-browser-stable (29 CVEs), curl (code execution), file-roller (file deletion), flash-player-plugin (26 CVEs), icu (code execution), jsch (path traversal vulnerability), libksba (denial of service), nodejs (remote code execution), slock (lock bypass), and tomcat (traffic redirection).
openSUSE has updated opera (multiple vulnerabilities).
Oracle has updated firefox (OL5, OL6, OL7: multiple vulnerabilities).
Scientific Linux has updated firefox (SL5-7: multiple vulnerabilities).
Slackware has updated irssi (denial of service), pidgin (17 CVE numbers), and firefox (multiple vulnerabilities).
SUSE has updated
java-1_7_1-ibm (SLES12: three CVEs
described as "Unspecified vulnerability in Oracle Java SE 7u101 and
8u92 allows local users to affect confidentiality, integrity, and
availability via vectors related to Deployment
"), and
java-1_6-0-ibm (SLES11: one
unspecified vulnerability).
Ubuntu has updated firefox (multiple vulnerabilities), gdk-pixbuf (code execution), irssi (denial of service), and thunderbird (code execution).
Note that there appear to be differences of opinion as to whether the irssi vulnerability can be exploited for code execution.