Debian has updated icedove (multiple vulnerabilities).
Debian-LTS has updated unace (code execution).
Fedora has updated arc (F21; F20: directory traversal), e2fsprogs (F21; F20: code execution), glibc (F21; F20: multiple vulnerabilities), php (F20: multiple vulnerabilities), and qt (F21: denial of service).
Mageia has updated php (multiple vulnerabilities).
SUSE has updated php5 (SLE12: two vulnerabilities).
Debian has updated unace (code execution).
SUSE has updated firefox (SLE12: multiple vulnerabilities).
Ubuntu has updated thunderbird (14.10, 14.04, 12.04: multiple vulnerabilities).
Fedora has updated httpd (F20: multiple vulnerabilities), librsvg2 (F21; F20: multiple unspecified vulnerabilities), libuv (F21: privilege escalation), nodejs (F21: privilege escalation), v8 (F21: privilege escalation), and vorbis-tools (F21; F20: denial of service).
Mandriva has updated cups (buffer overflow).
openSUSE has updated firefox, nss (13.2, 13.1: multiple vulnerabilities).
SUSE has updated java-1_6_0-ibm (SLES11 SP1,SP2: multiple vulnerabilities).
Ubuntu has updated kernel (14.04: regression in previous update).
Version 2.2.0 of the VLC media player has been released. According to the announcement, highlights in the new version include automatic, hardware-accelerated rotation of portrait-orientation videos such as those shot on smartphones, resuming playback at the last point watched in the previous session, in-application download and installation of extensions, support for interactive Blu-Ray menus, and "compatibility with a very large number of unusual codecs." The release is available for Linux, Android, and Android TV, plus various Windows and Apple platforms.