Debian Linux Security Advisory 2846-1 - Multiple security issues have been found in Libvirt, a virtualisation abstraction library.
0ddde79a2602627d9c15a988b3565cbf0c6bd7e43a46674de20629e6a8688b35
Mandriva Linux Security Advisory 2014-009 - librsvg before version 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference. For Business Server 1 gtk+3.0 has been patched to cope with the changes in SVG loading due to the fix in librsvg.
a8a5daad2c6d3d3246c089eaf7364d8a45fe880d93a700d893540b19bc9de1d3
VMware Security Advisory 2014-0001 - VMware Workstation, Player, Fusion, ESXi, ESX and vCloud Director address several security issues.
07287453a07e0d7df1d3cfcd28f6b0d4fc00d45337028a08b941cd95f2a7eaa4
Mandriva Linux Security Advisory 2014-008 - Multiple heap-based buffer overflow flaws were found in OpenJPEG. An attacker could create a specially crafted OpenJPEG image that, when opened, could cause an application using openjpeg to crash or, possibly, execute arbitrary code with the privileges of the user running the application. Multiple denial of service flaws were found in OpenJPEG. An attacker could create a specially crafted OpenJPEG image that, when opened, could cause an application using openjpeg to crash. .
7af8d53e84c8e17c80d5e3dc5083a41de47605307f780c632c8ff10a35fed7b1
Mandriva Linux Security Advisory 2014-007 - The DTLS retransmission implementation in OpenSSL through 0.9.8y and 1.x through 1.0.1e does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c. The updated packages have been patched to correct this issue.
7a7edc673b8aa4809fa4882410bf5431e74327edd08dae83d3353c992b6391ba