Tuesday’s security updates

By ris

Debian has updated mercurial (two

Mageia has updated async-http-client (two vulnerabilities), glpi (privilege escalation), kernel (multiple vulnerabilities), libarchive (denial of service), libssh (denial of service), mailman (path traversal attack), pnp4nagios (cross-site scripting), postgis (multiple vulnerabilities), ruby-redcarpet (cross-site scripting), and springframework (information disclosure).

openSUSE has updated Chromium
(13.2, 13.1: two vulnerabilities), curl
(13.2, 13.1: information leak), dnsmasq
(13.2, 13.1: information disclosure), gnu_parallel (13.2, 13.1: file overwrite), libreoffice (13.2: code execution), libssh (13.2, 13.1: denial of service), libtasn1 (13.2, 13.1: denial of service), pcre (13.2, 13.1: multiple vulnerabilities),
and php5 (13.2, 13.1: multiple vulnerabilities).

Slackware has updated mariadb (multiple unspecified vulnerabilities), mysql (multiple unspecified vulnerabilities), and wpa_supplicant (code execution).

Ubuntu has updated libmodule-signature-perl (15.04, 14.10, 14.04,
12.04: multiple vulnerabilities) and openssl (12.04: re-enable TLSv1.2 by default).

From: LWN

FacebookTwitterGoogle+LinkedInEvernotePocketGoogle Gmail