Security advisories for Thursday

[Posted March 3, 2016 by jake]

CentOS has updated postgresql (C7; C6: denial of service).

Fedora has updated kernel (F23: denial of service) and pcs (F22: two vulnerabilities).

Mageia has updated asterisk (denial of service), drupal (multiple vulnerabilities), openssl (multiple vulnerabilities), perl-FCGI (denial of service from 2012), phpmyadmin (cross-site scripting), postgresql (two vulnerabilities), tomcat (multiple vulnerabilities), wireshark (multiple vulnerabilities), xdelta3 (code execution from 2014), and xerces-c (code execution).

openSUSE has updated libopenssl0_9_8 (42.1, 13.2: many vulnerabilities, some from 2013 and 2014), libssh2_org (13.2: insecure sessions), and openssl (13.1; 11.4: multiple vulnerabilities).

Oracle has updated postgresql (OL7; OL6: denial of service).

Red Hat has updated postgresql (RHEL7; RHEL6: denial of service), postgresql92-postgresql (RHSC: denial of service), and rh-postgresql94-postgresql (RHSC: denial of service).

Scientific Linux has updated postgresql (SL7; SL6: denial of service).

Slackware has updated mailx (drop SSLv2 support), openssl (multiple vulnerabilities), and php (multiple vulnerabilities).

SUSE has updated compat-openssl097g (SLE11SP4: multiple vulnerabilities), java-1_7_0-ibm (SLE11SP3: multiple vulnerabilities), and openssl (SLE12, SLE12SP1: multiple vulnerabilities).

Ubuntu has updated pixman (14.04, 12.04: code execution from 2014).