Red Hat has updated squid (RHEL6: code execution).
Scientific Linux has updated firefox (multiple vulnerabilities), golang (SL7: denial of service), kernel (SL7: three vulnerabilities, one from 2015), and libtiff (SL7: multiple vulnerabilities, including some from 2014 and 2015).
SUSE has updated hawk2 (SLE12: clickjacking prevention).
Debian has updated curl (three vulnerabilities).
Red Hat has updated firefox (RHEL5,6,7: multiple vulnerabilities), golang (RHEL7: denial of service), kernel (RHEL7: three vulnerabilities), kernel-rt (RHEMRG2.5; RHEL7: two vulnerabilities), libtiff (RHEL7; RHEL6: multiple vulnerabilities), and ntp (RHEL6.7: multiple vulnerabilities).
Scientific Linux has updated libtiff (SL6: multiple vulnerabilities).
Ubuntu has updated php5, php7.0 (multiple vulnerabilities).
See also: this post from Michael Meeks on the last year of LibreOffice development.
Click below (subscribers only) for the full article from this week's Kernel Page.
Arch Linux has updated openssh (user enumeration via timing side-channel).
Fedora has updated dropbear (F23: multiple vulnerabilities), krb5 (F24: denial of service), p7zip (F23: two code execution flaws), php-doctrine-common (F24; F23: privilege escalation), and wireshark (F24: multiple vulnerabilities).