openSUSE has updated php5 (13.1, 12.3: multiple vulnerabilities), ppp (13.1, 12.3: privilege escalation), python-django (13.1, 12.3: multiple vulnerabilities), and flash-player (11.4: multiple vulnerabilities).
Red Hat has updated automake (RHEL5: code execution), bind97 (RHEL5: denial of service), conga (RHEL5: multiple vulnerabilities), krb5 (RHEL5: multiple vulnerabilities), and nss, nspr (RHEL5: multiple vulnerabilities).
Scientific Linux has updated axis (SL5&6: SSL hostname verification bypass).
Ubuntu has updated python-django (multiple vulnerabilities).
Mageia has updated dump (denial of service/possible code execution), glibc (two vulnerabilities), libgadu (missing ssl certificate validation), mariadb (code execution), and moodle (two vulnerabilities).
openSUSE has updated LibreOffice (13.1, 12.3: two vulnerabilities).
Ubuntu has updated curl (two cookie-handling vulnerabilities).
At his blog, Matthias Klumpp provides an update on recent work in Listaller, the cross-distribution framework for third-party package installation. The core issue is that Listaller currently relies on PackageKit's plugin infrastructure, which is going away. As a result, Klumpp has started work on a substantial rewrite of Listaller that will integrate with AppStream and other up-to-date tools. He is also, notably, taking this opportunity to trim down the project in other respects: "The new incarnation of Listaller will only support installations of statically linked software at the beginning. We will start with a very small, robust core, and then add more features (like dependency-solving) gradually, but only if they are useful. There will be no feature-creep like in the previous version."
Fedora has updated qemu (F20: information leak).
The Markdown text-markup format was created in 2004 by John Gruber, and has been widely adopted—especially in applications where some sort of text formatting is desirable, but full HTML is, for some reason, considered overkill. Despite its wide adoption, though, there have long been differing interpretations of various ambiguities in the canonical description of the format, leading to incompatible implementations. Now a small team of Markdown enthusiasts has decided to publish a more formal specification that can be used as a strict guidebook for implementers concerned about valid formatting.
Debian has updated acpi-support (privilege escalation).
Fedora has updated GraphicsMagick (F20: code execution), mariadb (F20; F19: multiple vulnerabilities), net-snmp (F20; F19: denial of service), python-django (F20; F19: multiple vulnerabilities), python-django14 (F20: multiple vulnerabilities), python-django15 (F20: multiple vulnerabilities), python-elixir (F20; F19: information leak), squid (F19: denial of service), thunderbird-enigmail (F20; F19: information leak), and webalizer (F20: code execution).
Slackware has updated seamonkey (multiple vulnerabilities).
SUSE has updated firefox (SLE11 SP3: multiple vulnerabilities).
Ubuntu has updated php5 (multiple vulnerabilities).